Lucene search

[email protected]CVE-2011-5289

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2011-5289

2022-10-0316:15:12

CWE-264

[email protected]

web.nvd.nist.gov

cve-2011-5289

savedecrypted method

chilkatcrypt2

activex control

atube catcher 2.3.570

file write vulnerability

nvd

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

64.6%

JSON

The SaveDecrypted method in the ChilkatCrypt2.ChilkatOmaDrm.1 ActiveX control in ChilkatCrypt2.dll in aTube Catcher 2.3.570 allows remote attackers to write to arbitrary files via a pathname in the argument.

Affected configurations

NVD

Node

diego_uscangaatube_catcherMatch2.3.570

CPENameOperatorVersion
diego_uscanga:atube_catcherdiego uscanga atube catchereq2.3.570

CPE	Name	Operator	Version
diego_uscanga:atube_catcher	diego uscanga atube catcher	eq	2.3.570

References

www.htbridge.com/advisory/HTB23013

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

64.6%

JSON

Related for CVE-2011-5289

prion1 cvelist1 nvd1