EUVD-2008-6918

Malware in sbrugna...

CVE-2008-6959

Insecure method vulnerability in the Chilkat Socket ActiveX control ChilkatSocket.ChilkatSocket.1 in ChilkatSocket.dll 2.3.1.1 allows remote attackers to overwrite arbitrary files via the SaveLastError method. NOTE: this might be related to CVE-2008-1647...

CVE-2008-6959

CVE-2008-6959 affects the ChilkatSocket.dll 2.3.1.1 Chilkat Socket ActiveX control (ChilkatSocket.ChilkatSocket.1). The vulnerability is an insecure SaveLastError method that allows remote attackers to overwrite arbitrary files. A CIRCL/Exploit-DB entry (Exploit-DB 7142) confirms at least one wor...

Chilkat FTP - ActiveX (SaveLastError) Insecure Method

Chilkat FTP - ActiveX SaveLastError Insecure Method ChilkatSocket.DLL Arbitrary File Creation ChilkatFTP.dll v3.0.0.2 ChilkatSocket.DLL Arbitrary File Creation ChilkatFTP.dll v3.0.0.2 Arbitrary Data Write Exploit function Doit File = "c:\boot.ini" ctrl.SaveLastErrorFile milw0rm.com 2008-12-28...

Chilkat FTP ActiveX (SaveLastError) Insecure Method Exploit

Exploit for unknown platform in category remote exploits =========================================================== Chilkat FTP ActiveX SaveLastError Insecure Method Exploit =========================================================== ChilkatSocket.DLL Arbitrary File Creation ChilkatFTP.dll...

Chilkat Socket ActiveX SaveLastError()任意文件覆盖漏洞

BUGTRAQ ID: 32333 Chilkat socket组件为TCP/IP套接字编程提供简单易用的API。 ChilkatSocket.ChilkatSocket.1 ActiveX控件（ChilkatSocket.dll）没有正确地验证对SaveLastError方式所提供的输入参数，如果远程攻击者受骗访问了恶意网页并向该方式传送了恶意输入的话，就可能导致以当前登录用户的权限覆盖和破坏系统上的任意文件。 Chilkat Software ChilkatSocket.DLL 2.3.1.1 临时解决方法： 为clsid...

CVE-2008-4584

Insecure method vulnerability in Chilkat Mail 7.8 ActiveX control ChilkatCert.dll allows remote attackers to overwrite arbitrary files via a full pathname to the SaveLastError method...

Security feature bypass

Insecure method vulnerability in Chilkat Mail 7.8 ActiveX control ChilkatCert.dll allows remote attackers to overwrite arbitrary files via a full pathname to the SaveLastError method...

CVE-2008-4584

Insecure method vulnerability in Chilkat Mail 7.8 ActiveX control ChilkatCert.dll allows remote attackers to overwrite arbitrary files via a full pathname to the SaveLastError method...

CVE-2008-4584

The CVE-2008-4584 entry concerns Chilkat Mail 7.8 ActiveX control (ChilkatCert.dll). The vulnerability is an insecure method vulnerability that allows remote attackers to overwrite arbitrary files by supplying a full pathname to the SaveLastError method. According to the cited sources, this is a ...

chilkathttp-overwrite.txt

-------------------------------------------------------------------- ChilkatHttp ActiveX 2.3 Arbitrary Files Overwrite url: www.chilkatsoft.com Author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org This was written for educational purpose. Use it at your own risk...

CVE-2008-1647

The ChilkatHttp.ChilkatHttp.1 and ChilkatHttp.ChilkatHttpRequest.1 ActiveX controls in ChilkatHttp.dll 2.4.0.0, 2.3.0.0, and earlier in ChilkatHttp ActiveX expose the unsafe SaveLastError method, which allows remote attackers to overwrite arbitrary files. NOTE: some of these details are obtained...

CVE-2008-1647

The CVE-2008-1647 entry concerns ChilkatHttp.ChilkatHttp.1 and ChilkatHttp.ChilkatHttpRequest.1 ActiveX controls in ChilkatHttp.dll versions 2.4.0.0, 2.3.0.0 and earlier. The vulnerability arises from exposing the unsafe SaveLastError method, which allows remote attackers to overwrite arbitrary f...

Chilkat Mail ActiveX 7.8 - 'ChilkatCert.dll' Insecure Method

Chilkat Mail ActiveX 7.8 ChilkatCert.dll Insecure Method Exploit Site : www.chilkatsoft.com =================================================== Tested on Windows XP Professional SP2 , with Internet Explorer 6 Author : darkl0rd E-Mail : lldarkl0rdllatyahoodotcom SaveLastError Sub lose...

Path traversal

Absolute path traversal vulnerability in the Chilkat Software Chilkat Zip ActiveX control in ChilkatZip2.dll 12.4.2.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the 1 SaveLastError method and probably the 2 WriteExe method...

CVE-2007-3633

Absolute path traversal vulnerability in the Chilkat Software Chilkat Zip ActiveX control in ChilkatZip2.dll 12.4.2.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the 1 SaveLastError method and probably the 2 WriteExe method...

Chilkat Zip ActiveX Component 12.4 Multiple Insecure Methods Exploit

No description provided by source. pre codespan style="font: 10pt Courier New;"span class="general1-symbol"------------------------------------------------------------------------------ bChilkat Software Chilkat Zip ActiveX Component ChilkatZip2.dll v. 12.4.2.0...

Chilkat Zip ActiveX Component 12.4 Multiple Insecure Methods Exploit

Exploit for unknown platform in category remote exploits ==================================================================== Chilkat Zip ActiveX Component 12.4 Multiple Insecure Methods Exploit ====================================================================...