ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to view other users' e-mail attachments via a direct request to /mailboxesdir/username@domainname. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2006-05-21T16:00:00
Updated: 2016-10-17T13:57:01
Reserved: 2005-05-26T00:00:00
Link: CVE-2005-1753
JSON object: View
NVD Information
Status : Modified
Published: 2005-12-31T05:00:00.000
Modified: 2024-05-17T00:24:55.710
Link: CVE-2005-1753
JSON object: View
Redhat Information
No data.
CWE