Unrated severityNVD Advisory· Published Jul 27, 2012· Updated Apr 29, 2026

CVE-2012-2202

Description

Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the template parameter.

Affected products

IBM/Lotus Protector For Mail Security4 versions
cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.1:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.8:*:*:*:*:*:*:*
IBM/Proventia Network Mail Security System Firmware5 versions
cpe:2.3:o:ibm:proventia_network_mail_security_system_firmware:2.5:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:ibm:proventia_network_mail_security_system_firmware:2.5:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:proventia_network_mail_security_system_firmware:2.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:proventia_network_mail_security_system_firmware:2.5.1:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:proventia_network_mail_security_system_firmware:2.6:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:proventia_network_mail_security_system_firmware:2.8:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/659791nvdUS Government Resource
secunia.com/advisories/49897nvd
www-01.ibm.com/support/docview.wssnvd
exchange.xforce.ibmcloud.com/vulnerabilities/76801nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.006
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000