CVE-2012-2202
published 2012-07-27CVE-2012-2202: Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail…
PriorityP425low3.5CVSS 2.0
AVNACMAuSCPINAN
EXPLOIT
EPSS
3.04%
85.9th percentile
Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the template parameter.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | lotus_protector_for_mail_security | — | — |
| ibm | lotus_protector_for_mail_security | — | — |
| ibm | lotus_protector_for_mail_security | — | — |
| ibm | lotus_protector_for_mail_security | — | — |
| ibm | proventia_network_mail_security_system_firmware | — | — |
| ibm | proventia_network_mail_security_system_firmware | — | — |
| ibm | proventia_network_mail_security_system_firmware | — | — |
| ibm | proventia_network_mail_security_system_firmware | — | — |
| ibm | proventia_network_mail_security_system_firmware | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/49897http://www-01.ibm.com/support/docview.wss?uid=swg21605630http://www.kb.cert.org/vuls/id/659791https://exchange.xforce.ibmcloud.com/vulnerabilities/76801http://secunia.com/advisories/49897http://www-01.ibm.com/support/docview.wss?uid=swg21605630http://www.kb.cert.org/vuls/id/659791https://exchange.xforce.ibmcloud.com/vulnerabilities/76801
2012-07-27
Published