CVE-2008-7022 - Insecure method vulnerability in ChilkatMail_v7_9.dll in the Chilkat Software IMAP ActiveX control (

CVE-2008-7022

Summary

Insecure method vulnerability in ChilkatMail_v7_9.dll in the Chilkat Software IMAP ActiveX control (ChilkatMail2.ChilkatMailMan2.1) allows remote attackers to execute arbitrary programs via the LoadXmlEmail method.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/45532
https://www.exploit-db.com/exploits/6600

Vulnerable Configurations

cpe:2.3:a:chilkatsoft:chilkat_imap_activex_control:7.9:*:*:*:*:*:*:*
cpe:2.3:a:chilkatsoft:chilkat_imap_activex_control:7.9:*:*:*:*:*:*:*

CVSS

Base:	9.3 (as of 29-09-2017 - 01:33)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:C/I:C/A:C

refmap via4

exploit-db	6600
xf	chilkatimap-loadxmlemail-unauth-access(45532)

Last major update

29-09-2017 - 01:33

Published

21-08-2009 - 14:30

Last modified

29-09-2017 - 01:33