1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Chilkat Mail ActiveX File Overwrite

HTTP Chilkat Mail ActiveX File Overwrite

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempt to exploit a file overwrite vulnerability by passing specially crafted arguments into a method of Chilkat Email ActiveX Control.

Additional Information

Chilkat Email ActiveX control is prone to a vulnerability that allows attackers to create or overwrite arbitrary data with the privileges of the application using the control (typically Internet Explorer).

Successful exploits can compromise affected computers or cause denial-of-service conditions; other attacks are possible.

Affected

  • This issue affects the 'ChilkatCert.dll' library of the Chilkat Email ActiveX control 7.8; other versions may also be affected.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube