Vulnerability Description
The ChilkatHttp.ChilkatHttp.1 and ChilkatHttp.ChilkatHttpRequest.1 ActiveX controls in ChilkatHttp.dll 2.4.0.0, 2.3.0.0, and earlier in ChilkatHttp ActiveX expose the unsafe SaveLastError method, which allows remote attackers to overwrite arbitrary files. NOTE: some of these details are obtained from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chilkat Software | Chilkathttp Activex | <= 2.3.0.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/29581Vendor Advisory
- http://www.securityfocus.com/bid/28546Exploit
- http://www.shinnai.altervista.org/index.php?mod=02_Forum&group=Security&argumentExploit
- http://www.vupen.com/english/advisories/2008/1050/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45988
- https://www.exploit-db.com/exploits/5338
- http://secunia.com/advisories/29581Vendor Advisory
- http://www.securityfocus.com/bid/28546Exploit
- http://www.shinnai.altervista.org/index.php?mod=02_Forum&group=Security&argumentExploit
- http://www.vupen.com/english/advisories/2008/1050/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45988
- https://www.exploit-db.com/exploits/5338
FAQ
What is CVE-2008-1647?
CVE-2008-1647 is a vulnerability with a CVSS score of 9.3 (HIGH). The ChilkatHttp.ChilkatHttp.1 and ChilkatHttp.ChilkatHttpRequest.1 ActiveX controls in ChilkatHttp.dll 2.4.0.0, 2.3.0.0, and earlier in ChilkatHttp ActiveX expose the unsafe SaveLastError method, whic...
How severe is CVE-2008-1647?
CVE-2008-1647 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1647?
Check the references section above for vendor advisories and patch information. Affected products include: Chilkat Software Chilkathttp Activex.