Intrusion Prevention

MySpace.Uploader.Action.ActiveX.Control.Access

Description

This indicates an attempt to exploit a buffer overflow vulnerability in the MySpace Uploader ActiveX Control.
The software is vulnerable to a buffer overflow when an attacker passes an overly long string to the 'Action' property. This can lead to arbitrary code execution on the target computer.

Affected Products

MySpaceUploader.ocx version 1.0.0.4
MySpaceUploader.ocx version 1.0.0.5

Impact

System Compromise: remote code execution.

Recommended Actions

Update this component when the update becomes available. For now set the kill bit on this ActiveX Control.

CVE References

CVE-2008-0659