FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2005-1080

This CVE name corresponds to:

Entered Topic
2005-04-16 jdk -- jar directory traversal vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2005-1080 at cve.mitre.org

Details

Type Candidate
Name CVE-2005-1080
Phase Assigned(20050412)

Description

Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file.

References

Source Reference
BUGTRAQ 20050412 7a69Adv#23 - Jar tool directory transversal vulnerability
MLIST [oss-security] 20100608 Re: jar, fastjar directory traversal vulnerabilities
MLIST [oss-security] 20100608 jar, fastjar directory traversal vulnerabilities
MISC http://www.securiteam.com/securitynews/5IP0C0AFGW.html
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=594497
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=601823
CONFIRM http://advisories.mageia.org/MGASA-2015-0158.html
MANDRIVA MDVSA-2015:212
REDHAT RHSA-2015:0806
REDHAT RHSA-2015:0807
REDHAT RHSA-2015:0808
REDHAT RHSA-2015:0809
SECUNIA 14902

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.