Published: 27/07/2012 Updated: 22/12/2017

CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8

VMScore: 355

Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N

Subscribe to Lotus Protector For Mail Security

Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the template parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm lotus protector for mail security 2.5
ibm lotus protector for mail security 2.5.1
ibm lotus protector for mail security 2.8
ibm lotus protector for mail security 2.1
ibm proventia_network_mail_security_system_firmware 2.8
ibm proventia_network_mail_security_system_firmware 2.6
ibm proventia_network_mail_security_system_firmware 2.5.0.2
ibm proventia_network_mail_security_system_firmware 2.5.1
ibm proventia_network_mail_security_system_firmware 2.5

#!/usr/bin/python ''' Author: muts of Offensive Security Product: IBM ISS Proventia Mail Security Version: 25 Vendor Site: wwwibmcom/us/en/ Product Page: www-935ibmcom/services/us/en/it-services/proventia-network-mail-security-systemhtml Timeline: 04 Jun 2012: Vulnerability reported to CERT 08 Jun 2012: Response received fro ...

CWE-22 http://www-01.ibm.com/support/docview.wss?uid=swg21605630 http://www.kb.cert.org/vuls/id/659791 https://exchange.xforce.ibmcloud.com/vulnerabilities/76801 http://secunia.com/advisories/49897 https://nvd.nist.gov https://www.exploit-db.com/exploits/20368/https://www.kb.cert.org/vuls/id/659791

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-2202

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect