CVE-2005-1105

JavaMail 1.3.2 - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in the MimeBodyPart.getFileName method in JavaMail 1.3.2 allows remote attackers to write arbitrary files via a .. (dot dot) in the filename in the Content-Disposition header.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Rafael San Miguel Carrasco · textremotemultiple

https://www.exploit-db.com/exploits/25395

View Code ZIP pw:eip

References (1)

Core 1

Core References

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=111335615600839&w=2

Scores

EPSS 0.0716

EPSS Percentile 91.6%

Details

Status published

Products (1)

sun/javamail 1.3.2

Published May 02, 2005

Tracked Since Feb 18, 2026