📦

chilkat_xml_activex_control

Name: chilkat_xml_activex_control
Author: WatchStack

Vendor: chilkat_software

Login to add this product to WatchStack

Actively Exploited 0 CISA KEV List

PoC / Exploits 1 Code Available

Total RCEs 1 Remote Access

Total CVEs 1 Total Indexed

Avg. EPSS 6.53% Exploit Prob.

Latest CVE CVE-2008-4343 Sep 30

Security Vulnerability Index

Page 1 / 1

9.3 CVSS

CVE-2008-4343

RCE Exploit Found

The Chilkat XML ChilkatUtil.CkData.1 ActiveX control (ChilkatUtil.dll) 3.0.3.0 and earlier allows remote attackers to create, overwrite, and modify arbitrary files for execution via a call to the (1) SaveToFile, (2) SaveToTempFile, or (3) AppendBinary method. NOTE: this issue might only be exploitable in limited environments or non-default browser settings. NOTE: this can be leveraged for remote code execution by accessing files using hcp:// URLs.

EPSS: 6.53%

Severity: HIGH

Sep 30, 2008

Displaying 1 of 1 Total Entries

1

Total 1 Sections