Lucene search

[email protected]CVE-2007-3633

HistoryJul 10, 2007 - 12:30 a.m.

CVE-2007-3633

2007-07-1000:30:00

[email protected]

web.nvd.nist.gov

cve-2007-3633

chilkat software

chilkat zip activex control

path traversal

vulnerability

remote attack

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.5%

JSON

Absolute path traversal vulnerability in the Chilkat Software Chilkat Zip ActiveX control in ChilkatZip2.dll 12.4.2.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) SaveLastError method and probably the (2) WriteExe method.

Affected configurations

NVD

Node

chilkat_softwarechilkat_zip_activex_controlMatch12.4.2.0

CPENameOperatorVersion
chilkat_software:chilkat_zip_activex_controlchilkat software chilkat zip activex controleq12.4.2.0

CPE	Name	Operator	Version
chilkat_software:chilkat_zip_activex_control	chilkat software chilkat zip activex control	eq	12.4.2.0

References

osvdb.org/37676

secunia.com/advisories/25962

secunia.com/advisories/48967

secunia.com/advisories/48968

www.securityfocus.com/bid/24806

www.vupen.com/english/advisories/2007/2464

exchange.xforce.ibmcloud.com/vulnerabilities/35294

www.exploit-db.com/exploits/4160

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.5%

JSON

Related for CVE-2007-3633

cvelist2 nvd2 prion2 cve1