CVE-2012-2955

Published: Jul 20, 2012Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allow remote attackers to inject arbitrary web script or HTML via the query string.

Affected (11)

Products: Ibm: Proventia Network Mail Security System Firmware, Proventia Network Mail Security System, Lotus Protector For Mail Security

Ibm

3 products

Proventia Network Mail Security System Firmware

Proventia Network Mail Security System

Lotus Protector For Mail Security

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Ibm Proventia Network Mail Security System Firmware	Version 2.5.0.2
Ibm Proventia Network Mail Security System Firmware	Version 2.5.1
Ibm Proventia Network Mail Security System Firmware	Version 2.5
Ibm Proventia Network Mail Security System Firmware	Version 2.6
Ibm Proventia Network Mail Security System Firmware	Version 2.8
Ibm Proventia Network Mail Security System	All versions
Ibm Proventia Network Mail Security System	Version ms3004

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Ibm Lotus Protector For Mail Security	Version 2.1
Ibm Lotus Protector For Mail Security	Version 2.5.1
Ibm Lotus Protector For Mail Security	Version 2.5
Ibm Lotus Protector For Mail Security	Version 2.8