CVE-2005-1080 | Vulnerability Database | Aqua Security

Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file.

Affected Software

Name	Vendor	Start Version	End Version
Sdk	Sun	1.4.2 (including)	1.4.2 (including)
Sdk	Sun	1.5 (including)	1.5 (including)

References

http://advisories.mageia.org/MGASA-2015-0158.html
http://marc.info/?l=bugtraq\u0026m=111331593310508\u0026w=2
http://marc.info/?l=oss-security\u0026m=127602564508766\u0026w=2
http://marc.info/?l=oss-security\u0026m=127603032617644\u0026w=2
http://rhn.redhat.com/errata/RHSA-2015-0806.html
http://rhn.redhat.com/errata/RHSA-2015-0807.html
http://rhn.redhat.com/errata/RHSA-2015-0808.html
http://rhn.redhat.com/errata/RHSA-2015-0809.html
http://rhn.redhat.com/errata/RHSA-2015-0854.html
http://rhn.redhat.com/errata/RHSA-2015-0857.html
http://rhn.redhat.com/errata/RHSA-2015-0858.html
http://rhn.redhat.com/errata/RHSA-2015-1006.html
http://rhn.redhat.com/errata/RHSA-2015-1007.html
http://rhn.redhat.com/errata/RHSA-2015-1020.html
http://rhn.redhat.com/errata/RHSA-2015-1021.html
http://rhn.redhat.com/errata/RHSA-2015-1091.html
http://secunia.com/advisories/14902
http://www.mandriva.com/security/advisories?name=MDVSA-2015:212
http://www.securiteam.com/securitynews/5IP0C0AFGW.html
http://www.securityfocus.com/bid/13083
https://bugzilla.redhat.com/show_bug.cgi?id=594497
https://bugzilla.redhat.com/show_bug.cgi?id=601823

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-1080
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html