Vulnerabilities > CVE-2005-1105 - Unspecified vulnerability in SUN Javamail 1.3.2

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

sun

exploit available

NVD

Published: 2005-05-02

Updated: 2016-10-18

Summary

Directory traversal vulnerability in the MimeBodyPart.getFileName method in JavaMail 1.3.2 allows remote attackers to write arbitrary files via a .. (dot dot) in the filename in the Content-Disposition header.

Vulnerable Configurations

Part	Description	Count
Application	Sun SUN Javamail 1.3.2	1

Exploit-Db

description	Sun JavaMail 1.3.2 MimeBodyPart.getFileName Directory Traversal Vulnerability. CVE-2005-1105. Remote exploits for multiple platform
id	EDB-ID:25395
last seen	2016-02-03
modified	2005-04-12
published	2005-04-12
reporter	Rafael San Miguel Carrasco
source	https://www.exploit-db.com/download/25395/
title	Sun JavaMail 1.3.2 MimeBodyPart.getFileName Directory Traversal Vulnerability

References

http://marc.info/?l=bugtraq&m=111335615600839&w=2