ID

VAR-201207-0234


CVE

CVE-2012-2955


TITLE

IBM ISS Proventia Mail Security contains multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#659791

DESCRIPTION

Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allow remote attackers to inject arbitrary web script or HTML via the query string. An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. IBM Lotus Protector for Mail Security is an e-mail content filtering solution for IBM Lotus Notes, IBM Lotus Domino, Microsoft Exchange and hybrid e-mail environments. A remote attacker can exploit this vulnerability to inject arbitrary web scripts or HTML through query strings, and leak arbitrary file content. Vulnerabilities exist in IBM Lotus Protector versions 2.5, 2.5.1, and 2.8.

TITLE: IBM Lotus Protector for Mail Security Information Disclosure Weakness
SECUNIA ADVISORY ID: SA49897
VERIFY ADVISORY: http://secunia.com/advisories/49897/
RELEASE DATE: 2012-07-17
DESCRIPTION: A weakness has been reported in IBM Lotus Protector for Mail Security, which can be exploited by malicious users to disclose potentially sensitive information. Certain input to the management interface is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files. Successful exploitation requires access to the administrative user interface (UI). The weakness is reported in versions 2.5, 2.5.1, and 2.8.
SOLUTION: Apply updates (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: IBM: http://www.ibm.com/support/docview.wss?uid=swg21605199

Trust: 2.79

sources: NVD: CVE-2012-2955 // CERT/CC: VU#659791 // JVNDB: JVNDB-2012-003241 // BID: 54486 // VULHUB: VHN-56236 // PACKETSTORM: 114816

AFFECTED PRODUCTS

vendor: ibm, model: proventia network mail security system, scope: -, version: -

Trust: 1.6

vendor: ibm, model: lotus protector for mail security, scope: eq, version: 2.5.1

Trust: 1.6

vendor: ibm, model: proventia network mail security system, scope: eq, version: 2.6

Trust: 1.6

vendor: ibm, model: lotus protector for mail security, scope: eq, version: 2.8

Trust: 1.6

vendor: ibm, model: lotus protector for mail security, scope: eq, version: 2.1

Trust: 1.6

vendor: ibm, model: proventia network mail security system, scope: eq, version: 2.5

Trust: 1.6

vendor: ibm, model: proventia network mail security system, scope: eq, version: 2.5.1

Trust: 1.6

vendor: ibm, model: lotus protector for mail security, scope: eq, version: 2.5

Trust: 1.6

vendor: ibm, model: proventia network mail security system, scope: eq, version: 2.8

Trust: 1.6

vendor: ibm, model: proventia network mail security system, scope: eq, version: 2.5.0.2

Trust: 1.6

vendor: ibm, model: proventia network mail security system, scope: eq, version: *

Trust: 1.0

vendor: ibm, model: proventia network mail security system, scope: eq, version: ms3004

Trust: 1.0

vendor: ibm, model: -, scope: -, version: -

Trust: 0.8

vendor: ibm, model: lotus protector for mail security, scope: -, version: -

Trust: 0.8

sources: CERT/CC: VU#659791 // JVNDB: JVNDB-2012-003241 // CNNVD: CNNVD-201207-345 // NVD: CVE-2012-2955

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-2955
value: MEDIUM

Trust: 1.0

NVD: CVE-2012-2955
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201207-345
value: MEDIUM

Trust: 0.6

VULHUB: VHN-56236
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2012-2955
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-56236
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-56236 // JVNDB: JVNDB-2012-003241 // CNNVD: CNNVD-201207-345 // NVD: CVE-2012-2955

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.9

sources: VULHUB: VHN-56236 // JVNDB: JVNDB-2012-003241 // NVD: CVE-2012-2955

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201207-345

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201207-345

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-003241

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-56236

PATCH

title: 1605626, url: http://www-01.ibm.com/support/docview.wss?uid=swg21605626

Trust: 0.8

title: repotools-1.1.3-16059.i586, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43937

Trust: 0.6

sources: JVNDB: JVNDB-2012-003241 // CNNVD: CNNVD-201207-345

EXTERNAL IDS

db: NVD, id: CVE-2012-2955

Trust: 2.8

db: CERT/CC, id: VU#659791

Trust: 2.7

db: SECUNIA, id: 49897

Trust: 1.8

db: BID, id: 54486

Trust: 1.4

db: OSVDB, id: 84014

Trust: 1.1

db: JVNDB, id: JVNDB-2012-003241

Trust: 0.8

db: CNNVD, id: CNNVD-201207-345

Trust: 0.7

db: XF, id: 76798

Trust: 0.6

db: NSFOCUS, id: 20015

Trust: 0.6

db: EXPLOIT-DB, id: 20368

Trust: 0.1

db: VULHUB, id: VHN-56236

Trust: 0.1

db: PACKETSTORM, id: 114816

Trust: 0.1

sources: CERT/CC: VU#659791 // VULHUB: VHN-56236 // BID: 54486 // JVNDB: JVNDB-2012-003241 // PACKETSTORM: 114816 // CNNVD: CNNVD-201207-345 // NVD: CVE-2012-2955

REFERENCES

url:http://www-01.ibm.com/support/docview.wss?uid=swg21605626

Trust: 2.5

url:http://www.kb.cert.org/vuls/id/659791

Trust: 1.9

url:http://secunia.com/advisories/49897

Trust: 1.7

url:http://www-01.ibm.com/support/docview.wss?uid=swg21605630

Trust: 1.6

url:http://www.securityfocus.com/bid/54486

Trust: 1.1

url:http://osvdb.org/84014

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/76798

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2955

Trust: 0.8

url:http://jvn.jp/cert/jvnvu659791

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2955

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/76798

Trust: 0.6

url:http://www.nsfocus.net/vulndb/20015

Trust: 0.6

url:http://secunia.com/psi

Trust: 0.1

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://www.ibm.com/support/docview.wss?uid=swg21605199

Trust: 0.1

url:http://secunia.com/advisories/49897/#comments

Trust: 0.1

url:http://secunia.com/advisories/49897/

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=49897

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: CERT/CC: VU#659791 // VULHUB: VHN-56236 // JVNDB: JVNDB-2012-003241 // PACKETSTORM: 114816 // CNNVD: CNNVD-201207-345 // NVD: CVE-2012-2955

CREDITS

Reported by the vendor.

Trust: 0.3

sources: BID: 54486

SOURCES

db: CERT/CC, id: VU#659791
db: VULHUB, id: VHN-56236
db: BID, id: 54486
db: JVNDB, id: JVNDB-2012-003241
db: PACKETSTORM, id: 114816
db: CNNVD, id: CNNVD-201207-345
db: NVD, id: CVE-2012-2955

LAST UPDATE DATE

2025-04-11T22:53:40.130000+00:00


SOURCES UPDATE DATE

db: CERT/CC, id: VU#659791, date: 2012-07-25T00:00:00
db: VULHUB, id: VHN-56236, date: 2017-12-22T00:00:00
db: BID, id: 54486, date: 2012-08-08T18:52:00
db: JVNDB, id: JVNDB-2012-003241, date: 2012-07-23T00:00:00
db: CNNVD, id: CNNVD-201207-345, date: 2012-07-19T00:00:00
db: NVD, id: CVE-2012-2955, date: 2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db: CERT/CC, id: VU#659791, date: 2012-07-25T00:00:00
db: VULHUB, id: VHN-56236, date: 2012-07-20T00:00:00
db: BID, id: 54486, date: 2012-07-17T00:00:00
db: JVNDB, id: JVNDB-2012-003241, date: 2012-07-23T00:00:00
db: PACKETSTORM, id: 114816, date: 2012-07-17T02:48:11
db: CNNVD, id: CNNVD-201207-345, date: 2012-07-19T00:00:00
db: NVD, id: CVE-2012-2955, date: 2012-07-20T10:40:37