Vulnerabilities > CVE-2007-4252 - Unspecified vulnerability in Chilkat Software ASP String 1.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN chilkat-software
exploit available
Summary
Absolute path traversal vulnerability in a certain ActiveX control in CkString.dll 1.1 and earlier in CHILKAT ASP String allows remote attackers to create or overwrite arbitrary files via a full pathname in the first argument to the SaveToFile method, a different vulnerability than CVE-2007-3633.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | CHILKAT ASP String (CkString.dll <= 1.1) SaveToFile() Inscure Method. CVE-2007-4252. Remote exploit for windows platform |
| file | exploits/windows/remote/4255.html |
| id | EDB-ID:4255 |
| last seen | 2016-01-31 |
| modified | 2007-08-05 |
| platform | windows |
| port | |
| published | 2007-08-05 |
| reporter | shinnai |
| source | https://www.exploit-db.com/download/4255/ |
| title | CHILKAT ASP String CkString.dll <= 1.1 SaveToFile Inscure Method |
| type | remote |
References
- http://osvdb.org/40110
- http://osvdb.org/40110
- http://www.securityfocus.com/bid/25205
- http://www.securityfocus.com/bid/25205
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35812
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35812
- https://www.exploit-db.com/exploits/4255
- https://www.exploit-db.com/exploits/4255