Information Disclosure Vulnerability in JavaMail API Used by Apache Tomcat
CVE-2005-1753

Currently unrated

Key Information:

Vendor: Oracle
Status: Javamail
Vendor: CVE Published:; 31 December 2005

What is CVE-2005-1753?

The vulnerability in the JavaMail API, as utilized by Apache Tomcat, exposes sensitive information by allowing remote attackers to access other users' email attachments through direct requests. This issue affects versions 1.1.3 to 1.3 of the JavaMail API, as well as Apache Tomcat version 5.0.16. There are discrepancies regarding the existence of certain references in the report, with Sun and Apache disputing the details. Proper security measures are essential to mitigate the risk of unauthorized data exposure.

References

http://marc.info/?l=bugtraq&m=111697083812367&w=2

mailing-listx_refsource_BUGTRAQ

http://tomcat.apache.org/security-5.html

x_refsource_MISC

Timeline

Vulnerability published
Dec 31, 2005
Vulnerability Reserved
May 26, 2005

Oracle

What is CVE-2005-1753?

References

Timeline