« **Support House Bill 1329** | Password Security »

Exploit for Facebook and MySpace Image Uploader Vulnerability

Publicly Available Exploit for Facebook and MySpace Image Uploader Vulnerability

added February 4, 2008 at 10:28 am | updated February 4, 2008 at 11:38 am
 US-CERT is aware of publicly available exploit code for an unpatched vulnerability affecting an image uploader used by Facebook and MySpace. This vulnerability is caused by a buffer overflow in Aurigma’s ImageUploader ActiveX control. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code on an affected system.

More information regarding this vulnerability can be found in Vulnerability Note VU#776931.

US-CERT encourages users to Disable ActiveX controls as described in the Securing Your Web Browser document.

US-CERT will continue to investigate and provide additional information as it becomes available.

Source: produced by US-CERT

This entry was posted on 5. February 2008 at 00:17 and is filed under General. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response or trackback from your own site.

Leave a Reply

You must be logged in to post a comment.