CVE-2012-2202

Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the template parameter.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.5 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:P/I:N/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
VendorProductVersion
ibmlotus_protector_for_mail_security
2.1
ibmlotus_protector_for_mail_security
2.5
ibmlotus_protector_for_mail_security
2.5.1
ibmlotus_protector_for_mail_security
2.8
ibmproventia_network_mail_security_system_firmware
2.5
ibmproventia_network_mail_security_system_firmware
2.5.0.2
ibmproventia_network_mail_security_system_firmware
2.5.1
ibmproventia_network_mail_security_system_firmware
2.6
ibmproventia_network_mail_security_system_firmware
2.8
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/49897
http://www-01.ibm.com/support/docview.wss?uid=swg21605630
http://www.kb.cert.org/vuls/id/659791
https://exchange.xforce.ibmcloud.com/vulnerabilities/76801
http://secunia.com/advisories/49897
http://www-01.ibm.com/support/docview.wss?uid=swg21605630
http://www.kb.cert.org/vuls/id/659791
https://exchange.xforce.ibmcloud.com/vulnerabilities/76801