Recent Flaw with some ActiveX controls (Facebook, Yahoo) - how is it exploited

Posted by brightwell_151 on February 11, 2008, 8:25 am
I'm aware of the recently alerted flaw in the image uploader ActiveX
control used by some popular social networking sites. But I haven't
found technical details to explain where the risk actually lies...

Is it in the Uploader talking to a malicious download application or
is it the Uploader opening a malicious image file. Or is there a
different attack vector?

I don't suppose Facebook or MySpace would intentionally post a
malicious download element to the Uploader - although someone could
spoof one of these sites to get at an unsuspecting user.

Or if it is crafted image files that we are worried about then as long
as users stick to pictures which they know to be ok (such as photos
they've taken themselves) then surely the risk is quite low.

I'm guessing that the risk is related to the first mentioned above in
that a malicious site could invoke the ActiveX control and then pass
it crafted information - is that right?

Thanks


Posted by MowGreen [MVP] on February 11, 2008, 6:19 pm
Original Advisory: MySpace Uploader ActiveX Control Buffer Overflow
http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059980.html

MySpace Uploader Control ActiveX Control Property Handling Buffer Overflow
http://secunia.com/advisories/28715/

Original: FaceBook/Aurigma Image/PhotoUploader Buffer Overflow
http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060025.html

Facebook Photo Uploader ActiveX Control Property Handling Buffer Overflow
http://secunia.com/advisories/28713/


MowGreen [MVP 2003-2008]
===============
*-343-* FDNY
Never Forgotten
===============


brightwell_151@yahoo.co.uk wrote:

> I'm aware of the recently alerted flaw in the image uploader ActiveX
> control used by some popular social networking sites. But I haven't
> found technical details to explain where the risk actually lies...
>
> Is it in the Uploader talking to a malicious download application or
> is it the Uploader opening a malicious image file. Or is there a
> different attack vector?
>
> I don't suppose Facebook or MySpace would intentionally post a
> malicious download element to the Uploader - although someone could
> spoof one of these sites to get at an unsuspecting user.
>
> Or if it is crafted image files that we are worried about then as long
> as users stick to pictures which they know to be ok (such as photos
> they've taken themselves) then surely the risk is quite low.
>
> I'm guessing that the risk is related to the first mentioned above in
> that a malicious site could invoke the ActiveX control and then pass
> it crafted information - is that right?
>
> Thanks
>

Posted by on February 19, 2008, 11:00 am
> Original Advisory: MySpace Uploader ActiveX Control Buffer Overflow
> http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/05998...
>
> MySpace Uploader Control ActiveX Control Property Handling Buffer
> Overflow http://secunia.com/advisories/28715/
>
> Original: FaceBook/Aurigma Image/PhotoUploader Buffer Overflow
> http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/0600...
>
> Facebook Photo Uploader ActiveX Control Property Handling Buffer
> Overflow http://secunia.com/advisories/28713/
>
> MowGreen [MVP 2003-2008]
> ===============
> *-343-* FDNY
> Never Forgotten
> ===============
>
> brightwell_...@yahoo.co.uk wrote:
> > I'm aware of the recently alerted flaw in the image uploader ActiveX
> > control used by some popular social networking sites. But I haven't
> > found technical details to explain where the risk actually lies...
> >
> > Is it in the Uploader talking to a malicious download application or
> > is it the Uploader opening a malicious image file. Or is there a
> > different attack vector?
> >
> > I don't suppose Facebook or MySpace would intentionally post a
> > malicious download element to the Uploader - although someone could
> > spoof one of these sites to get at an unsuspecting user.
> >
> > Or if it is crafted image files that we are worried about then as long
> > as users stick to pictures which they know to be ok (such as photos
> > they've taken themselves) then surely the risk is quite low.
> >
> > I'm guessing that the risk is related to the first mentioned above in
> > that a malicious site could invoke the ActiveX control and then pass
> > it crafted information - is that right?
> >
> > Thanks

Thanks for your interest and response but I don't see how this
addresses my point - I've checked the links (of which only one appears
to refer to the Facebook ActiveX vulnerability).

I already knew that it was a buffer overflow in the ActiveX control
but I don't know what triggers the overflow

1. A malicious Download agent on the Server
or
2. A crafted image file
or
3. something else

If it is the first two then I'm not so worried - because I doubt that
Facebook (assuming I'm not misdirected) would attack me with a
malicious agent and I'm also confident of the sources of any images I
care to upload (i.e. they will come from my camera).

If it is '3' (something else) then maybe I should be worried - but I
have not got an answer to that.

Does anyone have such an answer?

Thanks

