Oracle · Javamail · CVE-2005-1105
**Name of the Vulnerable Software and Affected Versions**
JavaMail version 1.3.2
**Description**
A directory traversal issue exists in the MimeBodyPart.getFileName method, allowing remote attackers to write arbitrary files by including a .. (dot dot) in the filename within the Content-Disposition header.
**Recommendations**
For JavaMail version 1.3.2, update to a version that fixes this issue to prevent directory traversal attacks.