PT-2005-2726 · Oracle +1 · Javamail Api +1

Name of the Vulnerable Software and Affected Versions: JavaMail API versions 1.1.3 through 1.3 Description: The issue allows remote attackers to read arbitrary files via a full pathname in the argument to the Download parameter. It is worth noting that Sun and Apache dispute this issue, with Sun...