CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Microsoft: >> Digital Image Security Vulnerabilities

CVE-2008-4493

Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. NOTE: this issue might only be exploitable in limited environments or non-default browser settings.

CVSS Score

6.8

EPSS Score

0.321

Published

2008-10-08

Page 1

Vulnerabilities

Vulnerable Software

Microsoft: >> Digital Image Security Vulnerabilities

Products

Pricing

Contact Us