Vulnerability Description
Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the template parameter.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Lotus Protector For Mail Security | 2.1 |
| Ibm | Proventia Network Mail Security System Firmware | 2.5 |
| Ibm | Proventia Network Mail Security System | All versions |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/49897
- http://www-01.ibm.com/support/docview.wss?uid=swg21605630
- http://www.kb.cert.org/vuls/id/659791US Government Resource
- https://exchange.xforce.ibmcloud.com/vulnerabilities/76801
- http://secunia.com/advisories/49897
- http://www-01.ibm.com/support/docview.wss?uid=swg21605630
- http://www.kb.cert.org/vuls/id/659791US Government Resource
- https://exchange.xforce.ibmcloud.com/vulnerabilities/76801
FAQ
What is CVE-2012-2202?
CVE-2012-2202 is a vulnerability with a CVSS score of 3.5 (LOW). Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticate...
How severe is CVE-2012-2202?
CVE-2012-2202 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-2202?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Lotus Protector For Mail Security, Ibm Proventia Network Mail Security System Firmware, Ibm Proventia Network Mail Security System.