Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.900171
Category:General
Title:Chilkat Crypt ActiveX Control 'ChilkatCrypt2.dll' File Overwrite Vulnerability
Summary:The host is installed Chilkat Crypt, which is prone to ActiveX; Control based arbitrary file overwrite vulnerability.
Description:Summary:
The host is installed Chilkat Crypt, which is prone to ActiveX
Control based arbitrary file overwrite vulnerability.

Vulnerability Insight:
The vulnerability is due to the error in the 'ChilkatCrypt2.dll' ActiveX
Control component that does not restrict access to the 'WriteFile()' method.

Vulnerability Impact:
Successful exploitation will allow execution of arbitrary code.

Affected Software/OS:
Chilkat Crypt ActiveX Component version 4.3.2.1 and prior

Solution:
No known solution was made available for at least one year since the disclosure
of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer
release, disable respective features, remove the product or replace the product by another one.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: BugTraq ID: 32073
Common Vulnerability Exposure (CVE) ID: CVE-2008-5002
http://www.securityfocus.com/bid/32073
https://www.exploit-db.com/exploits/6963
http://secunia.com/advisories/32513
http://securityreason.com/securityalert/4571
http://www.vupen.com/english/advisories/2008/2998
XForce ISS Database: chilkat-crypt-activex-file-overwrite(46315)
https://exchange.xforce.ibmcloud.com/vulnerabilities/46315
CopyrightCopyright (C) 2008 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.