eBay Enhanced Picture Services ActiveX Control Remote Buffer Overflow Vulnerability
Technical Description



A vulnerability has been identified in eBay Enhanced Picture Services(EPUImageControl Class) ActiveX control, which could be exploited byremote attackers to take complete control of an affected system. Thisflaw is due to a buffer overflow error when handling malformedparameters, which could be exploited by remote attackers to executearbitrary commands on a vulnerable system via a specially crafted Webpage.



Affected Products



eBay Enhanced Picture Services ActiveX control version 1.0.3.36 and prior



Solution



Upgrade to version 1.0.3.48 :

http://pages.ebay.com/picture_manager/
더보기

댓글,