CVE-2005-2891
N/A
N/A
Summary
WebArchiveX.dll 5.5.0.76 installed before September 6th, 2005 is marked safe for scripting by default, which allows remote attackers to read or write to arbitrary files via the (1) MakeArchive or (2) MakeArchiveStr methods.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22188
- http://www.securitytracker.com/alerts/2005/Sep/1014867.html
- http://secunia.com/advisories/16722/
- http://www.securityfocus.com/bid/14760
- http://marc.info/?l=bugtraq&m=112611388014937&w=2
- http://security-assessment.com/Advisories/WebArchiveX_-_Unsafe_Methods_Vulnerability.pdf
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22188
- http://www.securitytracker.com/alerts/2005/Sep/1014867.html
- http://secunia.com/advisories/16722/
- http://www.securityfocus.com/bid/14760
- http://marc.info/?l=bugtraq&m=112611388014937&w=2
- http://security-assessment.com/Advisories/WebArchiveX_-_Unsafe_Methods_Vulnerability.pdf
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.