WebArchiveX component file manipulation

webarchivex-component-file-manipulation (22188)

Risk level: Medium

Description:

WebArchiveX is vulnerable to file manipulation, caused by the ActiveX control being marked Safe for Scripting by default, which lets a web page script its methods. The MakeArchive() method could allow a remote attacker to write a .mht file into the system's Startup folder, where it will run when the system is started. The MakeArchiveStr() method could be used to view arbitrary files on the system. A remote attacker could exploit these vulnerabilities to view or manipulate files on the vulnerable system.


Consequences:

File Manipulation

Remedy:

Upgrade to the latest version of WebArchiveX (5.5.0.76 dated September 6, 2005 or later), available from the WebArchiveX Web site. See References.
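The advisory's remedy is to upgrade; where an upgrade cannot be rolled out immediately, the standard interim control for a Safe-for-Scripting ActiveX component is to verify its registration and set the Internet Explorer kill bit. The following PowerShell script is an added example, not part of this X-Force entry or of C Systems' software. It assumes the control's CLSID, which the entry does not list, so the placeholder GUID must be replaced with the value from the control's own registration before the script is useful.

```powershell
# Added example (not from the X-Force entry): audit whether an ActiveX control is
# marked "Safe for Scripting" / "Safe for Initialization" and whether the IE kill
# bit is set, then optionally set the kill bit as an interim mitigation.
# The WebArchiveX CLSID is not given in the advisory; the value below is a
# PLACEHOLDER (assumption) and must be replaced with the real registration.
param(
    [string]$Clsid = '{00000000-0000-0000-0000-000000000000}'  # PLACEHOLDER CLSID
)

# Well-known component category GUIDs Microsoft defines for ActiveX safety.
$SafeForScripting      = '{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
$SafeForInitialization = '{7DD95802-9882-11CF-9FA9-00AA006C42C4}'
$KillBit = 0x400   # Compatibility Flags bit that stops IE from instantiating a control

function Test-ActiveXSafety {
    param([string]$Clsid)

    $clsidKey   = "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid"
    $catKey     = "$clsidKey\Implemented Categories"
    $compatKey  = "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"

    $result = [ordered]@{
        Clsid                 = $Clsid
        Registered            = Test-Path $clsidKey
        SafeForScripting      = Test-Path "$catKey\$SafeForScripting"
        SafeForInitialization = Test-Path "$catKey\$SafeForInitialization"
        KillBitSet            = $false
        ServerPath            = $null
    }

    # Record which DLL backs the control so the file version can be compared
    # against the fixed build named in the advisory.
    $inproc = "$clsidKey\InprocServer32"
    if (Test-Path $inproc) {
        $result.ServerPath = (Get-ItemProperty -Path $inproc).'(default)'
    }

    if (Test-Path $compatKey) {
        $flags = (Get-ItemProperty -Path $compatKey -ErrorAction SilentlyContinue).'Compatibility Flags'
        if ($null -ne $flags -and (($flags -band $KillBit) -eq $KillBit)) {
            $result.KillBitSet = $true
        }
    }
    [pscustomobject]$result
}

function Set-ActiveXKillBit {
    # Interim mitigation: set the kill bit so IE refuses to load the control.
    # Requires an elevated session; the control stays registered for other hosts.
    param([string]$Clsid)
    $compatKey = "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
    if (-not (Test-Path $compatKey)) { New-Item -Path $compatKey -Force | Out-Null }
    $existing = (Get-ItemProperty -Path $compatKey -ErrorAction SilentlyContinue).'Compatibility Flags'
    $new = [int]($existing -bor $KillBit)   # preserve any flags already present
    New-ItemProperty -Path $compatKey -Name 'Compatibility Flags' -PropertyType DWord -Value $new -Force | Out-Null
}

$status = Test-ActiveXSafety -Clsid $Clsid
$status | Format-List

if ($status.Registered -and $status.SafeForScripting -and -not $status.KillBitSet) {
    Write-Warning "Control $Clsid is scriptable from web content and has no kill bit set; upgrade it or run: Set-ActiveXKillBit -Clsid $Clsid"
}
```

Run the audit first with the real CLSID; if the control is registered, carries the Safe for Scripting category and has no kill bit, apply Set-ActiveXKillBit from an elevated session until the fixed build (5.5.0.76 dated September 6, 2005 or later) is installed. On 64-bit Windows the 32-bit control may also be registered under the WOW6432Node keys, so check both views. The ServerPath field points at the DLL whose file version should be compared with the fixed version.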

References:

  • Full-Disclosure Mailing List: Tue Sep 06 2005 - 19:43:37 CDT: WebArchiveX - Unsafe Methods Vulnerability.
  • WebArchiveX Web site: C Systems - Creative Software Solutions since 1996.
  • BID-14760: CSystems WebArchiveX ActiveX Component Arbitrary File Read and Write Vulnerabilities
  • CVE-2005-2891: WebArchiveX.dll 5.5.0.76 installed before September 6th, 2005 is marked safe for scripting by default, which allows remote attackers to read or write to arbitrary files via the (1) MakeArchive or (2) MakeArchiveStr methods.
  • SA16722: WebArchiveX ActiveX Control Insecure Methods
  • SECTRACK ID: 1014867: WebArchiveX `Safe for Scripting` Setting Lets Remote Users Read and Write Files

Platforms Affected:

  • C Systems WebArchiveX 5.5.0.76

Reported:

Sep 07, 2005

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net
