CVE

Id
29416  
CVE No.
CVE-2007-6059  
Status
Candidate  
Description
** DISPUTED ** Javamail does not properly handle a series of invalid login attempts in which the same e-mail address is entered as username and password, and the domain portion of this address yields a Java UnknownHostException error, which allows remote attackers to cause a denial of service (connection pool exhaustion) via a large number of requests, resulting in a SQLNestedException. NOTE: Sun disputes this issue, stating "The report makes references to source code and files that do not exist in the mentioned products."  
Phase
Assigned (20071120)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
309340 29416 CVE-2007-6059 BUGTRAQ:20071116 Javamail login username and password same email problem  View
309341 29416 CVE-2007-6059 URL:http://archives.neohapsis.com/archives/bugtraq/2007-11/0239.html  View
309342 29416 CVE-2007-6059 OSVDB:45299  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
54224 JVNDB-2007-002916 Audacity におけるサービス運用妨害 (DoS) の脆弱性 Audacity には、過去のディレクトリの存在をチェックしないで予想可能な名前を持つテンポラリディレクトリを作成するため、サービス運用妨害 (デッドロックの記録) 状態となる脆弱性が存在します。 CVE-2007-6061 29416 5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002916.html  View