← volver
CVE-2008-4493

CVE-2008-4493

EPSS 17.6%
Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. NOTE: this issue might only be exploitable in limited environments or non-default browser settings.
Productos afectados
n/a · n/a
PoCs públicas encontradas1
cve_referencewww.exploit-db.com/exploits/6699no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://securityreason.com/securityalert/4376https://exchange.xforce.ibmcloud.com/vulnerabilities/45735https://www.exploit-db.com/exploits/6699http://www.securityfocus.com/bid/31632http://www.securitytracker.com/id?1021018