It has been reported that InterScan VirusWall may to a directory traversal vulnerability that may allow an attacker to request files from the '/ishttp/localweb' directory and any sub directories of 'localweb' with directory traversal strings such as '../'.
Trend Micro InterScan VirusWall contains a flaw that allows a remote attacker to view files outside of the web path. The issue is due to the Java Telewindow feature not properly sanitizing user input, specifically traversal style attacks (../../) supplied via URI data.
Currently, there are no known workarounds or upgrades to correct this issue. However, Trend Micro has released a patch to address this vulnerability.