Facebook Photo Uploader ActiveX Control < 220.127.116.11 Multiple Buffer Overflows
High Nessus Plugin ID 30152
SynopsisThe remote Windows host has an ActiveX control that is affected by multiple buffer overflow vulnerabilities.
DescriptionThe remote host contains a version of the Facebook Photo Uploader ActiveX control that reportedly is affected by multiple buffer overflows involving, for example, long arguments to the control's 'ExtractExif', 'ExtractIptc', and 'FileMask' properties. If a remote attacker can trick a user on the affected host into visiting a specially crafted web page, this issue could be leveraged to execute arbitrary code on the affected host subject to the user's privileges.
SolutionUpgrade to Facebook Photo Uploader version 18.104.22.168 or later as it is rumored to resolve the issues.