Chilkat Software

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2008-5002 1Chilkat Software 1Chilkat Crypt Activex Control Apr 23, 2026 Nov 10, 2008 N/A· v4 N/A· v3 9.3 HIGH· v2 Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ActiveX control (ChilkatCrypt2.dll 4.3.2.1) in Chilkat Crypt ActiveX Component allows remote attackers to create and overwrite arbitrary files via the Wr...Show more Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ActiveX control (ChilkatCrypt2.dll 4.3.2.1) in Chilkat Crypt ActiveX Component allows remote attackers to create and overwrite arbitrary files via the WriteFile method. NOTE: this could be leveraged for code execution by creating executable files in Startup folders or by accessing files using hcp:// URLs. NOTE: some of these details are obtained from third party information.Show less
CVE-2008-4584 1Chilkat Software 1Mail Apr 23, 2026 Oct 15, 2008 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Insecure method vulnerability in Chilkat Mail 7.8 ActiveX control (ChilkatCert.dll) allows remote attackers to overwrite arbitrary files via a full pathname to the SaveLastError method.
CVE-2008-4583 1Chilkat Software 1Ftp Apr 23, 2026 Oct 15, 2008 N/A· v4 N/A· v3 7.5 HIGH· v2 Insecure method vulnerability in the Chilkat FTP 2.0 ActiveX component (ChilkatCert.dll) allows remote attackers to overwrite arbitrary files via a full pathname in the SavePkcs8File method.
CVE-2008-4343 1Chilkat Software 1Chilkat Xml Activex Control Apr 23, 2026 Sep 30, 2008 N/A· v4 N/A· v3 9.3 HIGH· v2 The Chilkat XML ChilkatUtil.CkData.1 ActiveX control (ChilkatUtil.dll) 3.0.3.0 and earlier allows remote attackers to create, overwrite, and modify arbitrary files for execution via a call to the (1) SaveToFile, (2) Save...Show more The Chilkat XML ChilkatUtil.CkData.1 ActiveX control (ChilkatUtil.dll) 3.0.3.0 and earlier allows remote attackers to create, overwrite, and modify arbitrary files for execution via a call to the (1) SaveToFile, (2) SaveToTempFile, or (3) AppendBinary method. NOTE: this issue might only be exploitable in limited environments or non-default browser settings. NOTE: this can be leveraged for remote code execution by accessing files using hcp:// URLs.Show less
CVE-2008-2017 1Chilkat Software 1Chicomas Apr 23, 2026 Apr 30, 2008 N/A· v4 N/A· v3 7.5 HIGH· v2 Directory traversal vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the operation parameter to the default...Show more Directory traversal vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the operation parameter to the default URI under install/.Show less
CVE-2008-2016 1Chilkat Software 1Chicomas Apr 23, 2026 Apr 30, 2008 N/A· v4 N/A· v3 7.5 HIGH· v2 PHP remote file inclusion vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter to the default URI under install/. N...Show more PHP remote file inclusion vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter to the default URI under install/. NOTE: this can also be leveraged to include and execute arbitrary local files via directory traversal sequences.Show less
CVE-2008-1647 1Chilkat Software 1Chilkathttp Activex Apr 23, 2026 Apr 2, 2008 N/A· v4 N/A· v3 9.3 HIGH· v2 The ChilkatHttp.ChilkatHttp.1 and ChilkatHttp.ChilkatHttpRequest.1 ActiveX controls in ChilkatHttp.dll 2.4.0.0, 2.3.0.0, and earlier in ChilkatHttp ActiveX expose the unsafe SaveLastError method, which allows remote atta...Show more The ChilkatHttp.ChilkatHttp.1 and ChilkatHttp.ChilkatHttpRequest.1 ActiveX controls in ChilkatHttp.dll 2.4.0.0, 2.3.0.0, and earlier in ChilkatHttp ActiveX expose the unsafe SaveLastError method, which allows remote attackers to overwrite arbitrary files. NOTE: some of these details are obtained from third party information.Show less
CVE-2007-4252 1Chilkat Software 1Asp String Apr 23, 2026 Aug 8, 2007 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Absolute path traversal vulnerability in a certain ActiveX control in CkString.dll 1.1 and earlier in CHILKAT ASP String allows remote attackers to create or overwrite arbitrary files via a full pathname in the first arg...Show more Absolute path traversal vulnerability in a certain ActiveX control in CkString.dll 1.1 and earlier in CHILKAT ASP String allows remote attackers to create or overwrite arbitrary files via a full pathname in the first argument to the SaveToFile method, a different vulnerability than CVE-2007-3633.Show less
CVE-2007-3633 1Chilkat Software 1Chilkat Zip Activex Control Apr 23, 2026 Jul 10, 2007 N/A· v4 N/A· v3 6.4 MEDIUM· v2 Absolute path traversal vulnerability in the Chilkat Software Chilkat Zip ActiveX control in ChilkatZip2.dll 12.4.2.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to...Show more Absolute path traversal vulnerability in the Chilkat Software Chilkat Zip ActiveX control in ChilkatZip2.dll 12.4.2.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) SaveLastError method and probably the (2) WriteExe method.Show less