BetaONE will rise again!


Reply
  #1  
Old 1st Feb 08, 03:19 PM
NewsBot's Avatar
NewsBot NewsBot is offline
Senior Member
 
Join Date: Oct 2004
Posts: 31,559
NewsBot will become famous soon enough
Image uploader bug blights MySpace
Security flaws in an ActiveX control used in MySpace upload images onto the social networking sites leave users open to attack. Facebook users may also be at risk. A buffer overflow vulnerability in Aurigma's Image Uploader Control Library might be used to compromise a user's system. The affected control is used for uploading images onto social networking sites using Microsoft's Internet Explorer. Users might be vulnerable if tricked into visiting a specially crafted web page that exploits the vulnerability.

The flaw was first reported by Elazar Broad on a full disclosure mailing list, who said that the vulnerable control was used by MySpace. Facebook also reportedly repackages the Aurigma control, though which version it uses is unclear. Broad reported the problem to Aurigma.

View: The full story @ The Reg

Read full story...



More...
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is On
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
MySpace Bug Leaks 'Private' Teen Photos to Voyeurs NewsBot NeoWin News 0 18th Jan 08 11:52 AM
FastStone Image Viewer 3.3 Beta 3 NewsBot NeoWin News 0 9th Aug 07 08:02 AM
Text bug blights Trillian NewsBot NeoWin News 0 19th Jun 07 03:11 PM
FastStone Image Viewer 3.3 Beta 2 NewsBot NeoWin News 0 11th Jun 07 10:58 AM
Information disclosure bug blights IE7 release Alpine BetaONE News 0 19th Oct 06 01:12 PM


All times are GMT +1. The time now is 05:32 AM.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.