Vulnerabilities > CVE-2007-4252 - Unspecified vulnerability in Chilkat Software ASP String 1.1

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
chilkat-software
exploit available

Summary

Absolute path traversal vulnerability in a certain ActiveX control in CkString.dll 1.1 and earlier in CHILKAT ASP String allows remote attackers to create or overwrite arbitrary files via a full pathname in the first argument to the SaveToFile method, a different vulnerability than CVE-2007-3633. More detailed information listed here: http://www.securityfocus.com/bid/25205/info

Vulnerable Configurations

Part Description Count
Application
Chilkat_Software
1

Exploit-Db

descriptionCHILKAT ASP String (CkString.dll <= 1.1) SaveToFile() Inscure Method. CVE-2007-4252. Remote exploit for windows platform
fileexploits/windows/remote/4255.html
idEDB-ID:4255
last seen2016-01-31
modified2007-08-05
platformwindows
port
published2007-08-05
reportershinnai
sourcehttps://www.exploit-db.com/download/4255/
titleCHILKAT ASP String CkString.dll <= 1.1 SaveToFile Inscure Method
typeremote