Directory traversal

2012-07-2710:27:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.0%

JSON

Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a … (dot dot) in the template parameter.

CPENameOperatorVersion
lotus_protector_for_mail_securityeq2.8
lotus_protector_for_mail_securityeq2.1
lotus_protector_for_mail_securityeq2.5
lotus_protector_for_mail_securityeq2.5.1
proventia_network_mail_security_system_firmwareeq2.5
proventia_network_mail_security_system_firmwareeq2.5.0.2
proventia_network_mail_security_system_firmwareeq2.5.1
proventia_network_mail_security_system_firmwareeq2.6
proventia_network_mail_security_system_firmwareeq2.8

Name	Operator	Version
lotus_protector_for_mail_security	eq	2.8
lotus_protector_for_mail_security	eq	2.1
lotus_protector_for_mail_security	eq	2.5
lotus_protector_for_mail_security	eq	2.5.1
proventia_network_mail_security_system_firmware	eq	2.5
proventia_network_mail_security_system_firmware	eq	2.5.0.2
proventia_network_mail_security_system_firmware	eq	2.5.1
proventia_network_mail_security_system_firmware	eq	2.6
proventia_network_mail_security_system_firmware	eq	2.8