Vulnerability Details : CVE-2005-1080
Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file.
Vulnerability category: Directory traversal
Products affected by CVE-2005-1080
- cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:sun:sdk:1.5:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-1080
0.64%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 79 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2005-1080
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST |
References for CVE-2005-1080
-
http://marc.info/?l=bugtraq&m=111331593310508&w=2
-
http://www.securiteam.com/securitynews/5IP0C0AFGW.html
Exploit;Vendor Advisory
-
http://marc.info/?l=oss-security&m=127603032617644&w=2
'Re: [oss-security] jar, fastjar directory traversal vulnerabilities' - MARC
-
http://rhn.redhat.com/errata/RHSA-2015-1020.html
RHSA-2015:1020 - Security Advisory - Red Hat Customer Portal
-
http://rhn.redhat.com/errata/RHSA-2015-1091.html
RHSA-2015:1091 - Security Advisory - Red Hat Customer Portal
-
http://advisories.mageia.org/MGASA-2015-0158.html
Mageia Advisory: MGASA-2015-0158 - Updated java-1.7.0-openjdk packages fix security vulnerabilities
-
http://rhn.redhat.com/errata/RHSA-2015-0857.html
RHSA-2015:0857 - Security Advisory - Red Hat Customer Portal
-
https://bugzilla.redhat.com/show_bug.cgi?id=594497
594497 – (CVE-2010-0831, CVE-2010-2322) CVE-2010-0831 CVE-2010-2322 fastjar: directory traversal vulnerabilities
-
http://rhn.redhat.com/errata/RHSA-2015-0808.html
RHSA-2015:0808 - Security Advisory - Red Hat Customer Portal
-
http://rhn.redhat.com/errata/RHSA-2015-1007.html
RHSA-2015:1007 - Security Advisory - Red Hat Customer Portal
-
http://rhn.redhat.com/errata/RHSA-2015-1021.html
RHSA-2015:1021 - Security Advisory - Red Hat Customer Portal
-
https://bugzilla.redhat.com/show_bug.cgi?id=601823
601823 – CVE-2010-0831 jar, fastjar: directory traversal vulnerabilities [fedora-all]
-
http://rhn.redhat.com/errata/RHSA-2015-0807.html
RHSA-2015:0807 - Security Advisory - Red Hat Customer Portal
-
http://rhn.redhat.com/errata/RHSA-2015-0858.html
RHSA-2015:0858 - Security Advisory - Red Hat Customer Portal
-
http://www.mandriva.com/security/advisories?name=MDVSA-2015:212
mandriva.com
-
http://rhn.redhat.com/errata/RHSA-2015-0854.html
RHSA-2015:0854 - Security Advisory - Red Hat Customer Portal
-
http://rhn.redhat.com/errata/RHSA-2015-0806.html
RHSA-2015:0806 - Security Advisory - Red Hat Customer Portal
-
http://marc.info/?l=oss-security&m=127602564508766&w=2
'[oss-security] jar, fastjar directory traversal vulnerabilities' - MARC
-
http://rhn.redhat.com/errata/RHSA-2015-0809.html
RHSA-2015:0809 - Security Advisory - Red Hat Customer Portal
-
http://www.securityfocus.com/bid/13083
-
http://rhn.redhat.com/errata/RHSA-2015-1006.html
RHSA-2015:1006 - Security Advisory - Red Hat Customer Portal
Jump to