What is the severity of CVE-2012-2955?

CVE-2012-2955 is classified as a medium severity vulnerability due to the potential for cross-site scripting attacks.

How do I fix CVE-2012-2955?

To fix CVE-2012-2955, upgrade to a patched version of IBM Lotus Protector for Mail Security or IBM ISS Proventia Network Mail Security System.

What systems are affected by CVE-2012-2955?

CVE-2012-2955 affects IBM Lotus Protector for Mail Security versions 2.1, 2.5, 2.5.1, and 2.8, as well as IBM ISS Proventia Network Mail Security System firmware versions 2.5, 2.5.0.2, and 2.6.

What kind of attacks can CVE-2012-2955 enable?

CVE-2012-2955 allows remote attackers to execute arbitrary web scripts or HTML through cross-site scripting vulnerabilities.

Is CVE-2012-2955 exploitable without authentication?

Yes, CVE-2012-2955 can be exploited remotely without requiring authentication access to the administrative interface.

Vulnerability/
CVE-2012-2955

medium

4.3

CWE

20/7/2012

22/12/2017

CVE-2012-2955: XSS

First published: Fri Jul 20 2012(Updated: )

Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allow remote attackers to inject arbitrary web script or HTML via the query string.

Credit: cret@cert.org

Affected Software	Affected Version	How to fix
Ibm Proventia Network Mail Security System Firmware	=2.5
Ibm Proventia Network Mail Security System Firmware	=2.5.0.2
Ibm Proventia Network Mail Security System Firmware	=2.5.1
Ibm Proventia Network Mail Security System Firmware	=2.6
Ibm Proventia Network Mail Security System Firmware	=2.8
IBM Proventia Network Mail Security System
IBM Proventia Network Mail Security System	=ms3004
IBM Lotus Protector for Mail Security	=2.1
IBM Lotus Protector for Mail Security	=2.5
IBM Lotus Protector for Mail Security	=2.5.1
IBM Lotus Protector for Mail Security	=2.8

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-2955?
CVE-2012-2955 is classified as a medium severity vulnerability due to the potential for cross-site scripting attacks.
How do I fix CVE-2012-2955?
To fix CVE-2012-2955, upgrade to a patched version of IBM Lotus Protector for Mail Security or IBM ISS Proventia Network Mail Security System.
What systems are affected by CVE-2012-2955?
CVE-2012-2955 affects IBM Lotus Protector for Mail Security versions 2.1, 2.5, 2.5.1, and 2.8, as well as IBM ISS Proventia Network Mail Security System firmware versions 2.5, 2.5.0.2, and 2.6.
What kind of attacks can CVE-2012-2955 enable?
CVE-2012-2955 allows remote attackers to execute arbitrary web scripts or HTML through cross-site scripting vulnerabilities.
Is CVE-2012-2955 exploitable without authentication?
Yes, CVE-2012-2955 can be exploited remotely without requiring authentication access to the administrative interface.

agent/author
agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/type
agent/weakness
collector/nvd-index
vendor/ibm
canonical/ibm proventia network mail security system firmware
version/ibm proventia network mail security system firmware/2.5
version/ibm proventia network mail security system firmware/2.5.0.2
version/ibm proventia network mail security system firmware/2.5.1
version/ibm proventia network mail security system firmware/2.6
version/ibm proventia network mail security system firmware/2.8
canonical/ibm proventia network mail security system
version/ibm proventia network mail security system/ms3004
canonical/ibm lotus protector for mail security
version/ibm lotus protector for mail security/2.1
version/ibm lotus protector for mail security/2.5
version/ibm lotus protector for mail security/2.5.1
version/ibm lotus protector for mail security/2.8

Frequently Asked Questions

What is the severity of CVE-2012-2955?
CVE-2012-2955 is classified as a medium severity vulnerability due to the potential for cross-site scripting attacks.
How do I fix CVE-2012-2955?
To fix CVE-2012-2955, upgrade to a patched version of IBM Lotus Protector for Mail Security or IBM ISS Proventia Network Mail Security System.
What systems are affected by CVE-2012-2955?
CVE-2012-2955 affects IBM Lotus Protector for Mail Security versions 2.1, 2.5, 2.5.1, and 2.8, as well as IBM ISS Proventia Network Mail Security System firmware versions 2.5, 2.5.0.2, and 2.6.
What kind of attacks can CVE-2012-2955 enable?
CVE-2012-2955 allows remote attackers to execute arbitrary web scripts or HTML through cross-site scripting vulnerabilities.
Is CVE-2012-2955 exploitable without authentication?
Yes, CVE-2012-2955 can be exploited remotely without requiring authentication access to the administrative interface.

CVE-2012-2955: XSS

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-2955?

How do I fix CVE-2012-2955?

What systems are affected by CVE-2012-2955?

What kind of attacks can CVE-2012-2955 enable?

Is CVE-2012-2955 exploitable without authentication?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2012-2955?

How do I fix CVE-2012-2955?

What systems are affected by CVE-2012-2955?

What kind of attacks can CVE-2012-2955 enable?

Is CVE-2012-2955 exploitable without authentication?