CVE-2014-6197
IBM Security Network Protection 5.1.x and 5.2.x before 5.2.0.0 FP5 and 5.3.x before 5.3.0.0 FP1 allows remote attackers to conduct clickjacking attacks via unspecified vectors...
CVE-2014-6197
CVE-2014-6197 affects IBM Security Network Protection (XGS) models 3100, 4100, 5100, 7100. The vulnerability is a remote clickjacking issue that could allow an attacker to hijack a victim’s clicks when visiting a malicious page. Affected firmware versions include 5.1, 5.1.1, 5.1.2, 5.1.2.1, 5.2, ...
e107 2.0 Alpha2 Cross Site Request Forgery
Advisory: CSRF vulnerability in CMS e107 v.2 alpha2; Advisory ID: SROEADV-2014-04; Author: Steffen Rösemann; Affected Software: CMS e107 v.2 alpha2; Release-Date: 08th-Jun-2014; Vendor URL: http://e107.org; Vendor Status: solved; CVE-ID: -; Vulnerability Description:...
IBM Security Access Manager Clickjacking Vulnerability
IBM Security Access Manager software is a highly scalable user authentication, authorization and Web SSO solution for implementing security policies on a variety of Web and application resources and for centralized management of online portals. A clickjacking vulnerability exists in IBM Security Access...
IBM WebSphere Application Server Clickjacking Vulnerability
IBM WebSphere Application Server is an application server developed and released by IBM in accordance with open standards. A clickjacking vulnerability in IBM WebSphere Application Server versions 7.x prior to 7.0.0.37, 8.0.x prior to 8.0.0.10, and 8.5.x prior to 8.5.5.4 allows remote attackers to...
CVE-2014-6135
IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote attackers to conduct clickjacking attacks via unspecified vectors...
Code injection
IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote attackers to conduct clickjacking attacks via unspecified vectors...
CVE-2014-6135
CVE-2014-6135 affects IBM Security AppScan Enterprise, specifically versions 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001. The issue allows remote attackers to perform clickjacking ...
CVE-2014-6174
IBM WebSphere Application Server 7.x before 7.0.0.37, 8.0.x before 8.0.0.10, and 8.5.x before 8.5.5.4 allows remote attackers to conduct clickjacking attacks via a crafted web site...
CVE-2014-6076
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to conduct clickjacking attacks via a crafted web site...
Code injection
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to conduct clickjacking attacks via a crafted web site...
Code injection
IBM WebSphere Application Server 7.x before 7.0.0.37, 8.0.x before 8.0.0.10, and 8.5.x before 8.5.5.4 allows remote attackers to conduct clickjacking attacks via a crafted web site...
CVE-2014-6076
CVE-2014-6076 is a clickjacking vulnerability in IBM Security Access Manager for Mobile (8.x before 8.0.1) and IBM Security Access Manager for Web (7.x before 7.0.0 FP10 and 8.x before 8.0.1). Remote attackers can lure a user to load a crafted site to hijack clicking actions. IBM’s bulletin lists...
CVE-2014-6174
CVE-2014-6174 affects IBM WebSphere Application Server across multiple lines: 7.x before 7.0.0.37, 8.0.x before 8.0.0.10, and 8.5.x before 8.5.5.4. It enables remote attackers to hijack the user’s click actions via a crafted HTTP request (clickjacking). Remediation per connected sources: upgrade ...
CVE-2014-6105
IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors...
Code injection
IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors...
CVE-2014-6105
IBM Security Identity Manager (SIM) 6.x prior to 6.0.0.3 IF14 is affected by a clickjacking vulnerability. A remote attacker could hijack the victim’s clicking actions by persuading them to visit a malicious page; no authentication is required. Impact is limited to the client-side click actions, ...