Directory Traversal Vulnerability in IBM Lotus Protector for Mail Security
CVE-2012-2202

Currently unrated

Key Information:

Vendor

IBM

Vendor
CVE Published:
27 July 2012

What is CVE-2012-2202?

A directory traversal vulnerability exists in the javatester_init.php file of IBM Lotus Protector for Mail Security and IBM ISS Proventia Network Mail Security System. This flaw allows remote authenticated administrators to exploit the template parameter by utilizing sequence patterns to navigate up the directory structure, enabling them to read arbitrary files on the server. Proper input validation sanitization is crucial to mitigate the risks associated with this vulnerability.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.