Lucene search

[email protected]CVE-2008-4584

HistoryOct 15, 2008 - 10:45 p.m.

CVE-2008-4584

2008-10-1522:45:31

[email protected]

web.nvd.nist.gov

cve

2008

4584

insecure method vulnerability

chilkat mail

activex control

chilkatcert.dll

remote attackers

arbitrary files

savelasterror method

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

High

0.096 Low

EPSS

Percentile

94.8%

JSON

Insecure method vulnerability in Chilkat Mail 7.8 ActiveX control (ChilkatCert.dll) allows remote attackers to overwrite arbitrary files via a full pathname to the SaveLastError method.

Affected configurations

NVD

Node

chilkat_softwaremailMatch7.8

CPENameOperatorVersion
chilkat_software:mailchilkat software maileq7.8

CPE	Name	Operator	Version
chilkat_software:mail	chilkat software mail	eq	7.8

References

securityreason.com/securityalert/4424

www.securityfocus.com/bid/27493

exchange.xforce.ibmcloud.com/vulnerabilities/40041

www.exploit-db.com/exploits/5005

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

High

0.096 Low

EPSS

Percentile

94.8%

JSON

Related for CVE-2008-4584

cvelist1 nvd1 prion1