JavaMail API

JavaMail API


JavaMail API

Application Name:

JavaMail API



Assessment Technique(s):

Static Binary Analysis

Assurance Level:

AL4 (High) Exploitation causes serious brand damage and financial loss with long term business impact

VerAfied Since:


Application Description:

The JavaMail API is a set of abstract APIs that model a mail system. The API provides a platform independent and protocol independent framework to build Java technology based email client applications. The JavaMail API provides facilities for reading and sending email. Service providers implement particular protocols. Several service providers are included with the JavaMail API package; others are available separately. The JavaMail API is implemented as a Java optional package that can be used on JDK 1.4 and later on any operating system. The JavaMail API is also a required part of the Java Platform, Enterprise Edition (Java EE).

In its reviewed state JavaMail API 1.4.3 met or exceeded the security score outlined in the Veracode Risk Adjusted Verification Methodology for an application at the assurance level specified above. Veracode’s risk adjusted verification methodology is based on respected industry standards including MITRE’s Common Weakness Enumeration (CWE) for classification of software weaknesses and FIRST’s Common Vulnerability Scoring System (CVSS) for severity and ease of exploitability and NIST's definitions of assurance levels.




While every precaution has been taken in the preparation of this document, Veracode, Inc. assumes no responsibility for errors, omissions, or for damages resulting from the use of the information herein. Due to the nature of software security testing, the lack of discoverable flaws does not mean the software is 100% secure.