CVE-2011-5289

Diego Uscanga Atube Catcher - Access Control

Title source: rule

Description

The SaveDecrypted method in the ChilkatCrypt2.ChilkatOmaDrm.1 ActiveX control in ChilkatCrypt2.dll in aTube Catcher 2.3.570 allows remote attackers to write to arbitrary files via a pathname in the argument.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · htmlremotewindows

https://www.exploit-db.com/exploits/6963

View Code ZIP pw:eip

References (1)

[Exploit] https://www.htbridge.com/advisory/HTB23013

Scores

EPSS 0.0393

EPSS Percentile 88.4%

Details

CWE

CWE-264

Status published

Products (1)

diego_uscanga/atube_catcher 2.3.570

Published Jan 01, 2015

Tracked Since Feb 18, 2026