Описание
The ChilkatHttp.ChilkatHttp.1 and ChilkatHttp.ChilkatHttpRequest.1 ActiveX controls in ChilkatHttp.dll 2.4.0.0, 2.3.0.0, and earlier in ChilkatHttp ActiveX expose the unsafe SaveLastError method, which allows remote attackers to overwrite arbitrary files. NOTE: some of these details are obtained from third party information.
Ссылки
- Vendor Advisory
- Exploit
- Exploit
- Vendor Advisory
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 2.3.0.0 (включая)Версия до 2.4.0.0 (включая)
Одно из
cpe:2.3:a:chilkat_software:chilkathttp_activex:*:*:*:*:*:*:*:*
cpe:2.3:a:chilkat_software:chilkathttp_activex:*:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05958
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
почти 4 года назад
The ChilkatHttp.ChilkatHttp.1 and ChilkatHttp.ChilkatHttpRequest.1 ActiveX controls in ChilkatHttp.dll 2.4.0.0, 2.3.0.0, and earlier in ChilkatHttp ActiveX expose the unsafe SaveLastError method, which allows remote attackers to overwrite arbitrary files. NOTE: some of these details are obtained from third party information.
EPSS
Процентиль: 90%
0.05958
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-20