CVE-2005-2891

critical

Description

WebArchiveX.dll 5.5.0.76 installed before September 6th, 2005 is marked safe for scripting by default, which allows remote attackers to read or write to arbitrary files via the (1) MakeArchive or (2) MakeArchiveStr methods.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/22188

http://www.securityfocus.com/bid/14760

http://secunia.com/advisories/16722/

http://marc.info/?l=bugtraq&m=112611388014937&w=2

Details

Source: Mitre, NVD

Published: 2005-09-14

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.00871