IBM Lotus Protector for Mail Encryption Local File Include Vulnerability



IBM Lotus Protector for Mail Encryption is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input.

An attacker can exploit this issue to obtain potentially sensitive information and execute arbitrary local scripts. This could allow the attacker to compromise the application and the computer; other attacks are also possible.

IBM Lotus Protector for Mail Encryption 2.1.0.1 Build(88.3.0.1.4323) is vulnerable; other versions may also be affected.

Information

Bugtraq ID: 97373
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Apr 04 2017 12:00AM
Credit: Patrick Webster
Vulnerable: IBM Lotus Protector for Mail Encryption 2.1.0.1 Build(88.3.0


Not Vulnerable:

Exploit


The following exploit is available:


Related Posts