CVE-2005-1080Path Traversal in SDK

CWE-22Path Traversal10 documents6 sources
Severity
5.0MEDIUMNVD
EPSS
4.1%
top 11.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SUN SDK
Timeline
PublishedMay 2
Latest updateMay 1

Description

Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDsun/sdk1.4.2, 1.5+1

🔴Vulnerability Details

3
GHSA
GHSA-g7vc-f4x5-69xx: Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 12022-05-01
OSV
CVE-2005-1080: Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 12005-05-02
CVEList
CVE-2005-1080: Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 12005-04-12

📋Vendor Advisories

2
Red Hat
fastjar: directory traversal vulnerabilities2010-06-06
Red Hat
jar: directory traversal vulnerability2005-01-04

💬Community

4
Bugzilla
CVE-2015-0480 OpenJDK: jar directory traversal issues (Tools, 8064601)2015-04-14
Bugzilla
jar: directory traversal2015-01-09
Bugzilla
CVE-2005-1080 jar: directory traversal vulnerability2010-06-21
Bugzilla
CVE-2005-1080 jar: directory traversal vulnerabilities [fedora-all]2010-06-08
CVE-2005-1080 — Path Traversal in SUN SDK | cvebase