header-logo
Suggest Exploit
vendor:
JavaMail
by:
SecurityFocus
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: JavaMail
Affected Version From: 1.3.2002
Affected Version To: 1.3.2002
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

Sun JavaMail Directory Traversal Vulnerability

Sun JavaMail is prone to a directory traversal vulnerability. This arises because the API fails to properly validate filenames in email attachments received by the applet. This issue was reported to affect JavaMail 1.3.2, however, earlier versions may also be vulnerable.

Mitigation:

Validate filenames in email attachments received by the applet.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/13141/info

Sun JavaMail is prone to a directory traversal vulnerability. This arises because the API fails to properly validate filenames in email attachments received by the applet.

This issue was reported to affect JavaMail 1.3.2, however, earlier versions may also be vulnerable. 

Content-Disposition: ../../../file.ext

Navigation

Suggest Exploit

Services By CQR