Vulnerability Description
WebArchiveX.dll 5.5.0.76 installed before September 6th, 2005 is marked safe for scripting by default, which allows remote attackers to read or write to arbitrary files via the (1) MakeArchive or (2) MakeArchiveStr methods.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Csystems | Webarchivex | 5.5.0.76 |
References
- http://marc.info/?l=bugtraq&m=112611388014937&w=2
- http://secunia.com/advisories/16722/Vendor Advisory
- http://security-assessment.com/Advisories/WebArchiveX_-_Unsafe_Methods_VulnerabiExploitVendor Advisory
- http://www.securityfocus.com/bid/14760
- http://www.securitytracker.com/alerts/2005/Sep/1014867.htmlExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22188
- http://marc.info/?l=bugtraq&m=112611388014937&w=2
- http://secunia.com/advisories/16722/Vendor Advisory
- http://security-assessment.com/Advisories/WebArchiveX_-_Unsafe_Methods_VulnerabiExploitVendor Advisory
- http://www.securityfocus.com/bid/14760
- http://www.securitytracker.com/alerts/2005/Sep/1014867.htmlExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22188
FAQ
What is CVE-2005-2891?
CVE-2005-2891 is a vulnerability with a CVSS score of 6.4 (MEDIUM). WebArchiveX.dll 5.5.0.76 installed before September 6th, 2005 is marked safe for scripting by default, which allows remote attackers to read or write to arbitrary files via the (1) MakeArchive or (2) ...
How severe is CVE-2005-2891?
CVE-2005-2891 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2891?
Check the references section above for vendor advisories and patch information. Affected products include: Csystems Webarchivex.