Intrusion Prevention

Sun.JavaMail.MimeMessage.Constructor.Infromation.Disclosure

Description

It indicates a possible exploit of an information disclosure vulnerability in the JavaMail API, as used by Solstice Internet Mail Server POP3 2.0, that allows remote authenticated users to download arbitrary files.

Affected Products

Sun JavaMail 1.3.2
Sun JavaMail 1.3
Sun JavaMail 1.2
Sun JavaMail 1.1.3

Impact

Information disclosure

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.

CVE References

CVE-2005-1682