Design/Logic Flaw

PRODUCT NOT SUPPORTED WHEN ASSIGNED Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the productNameSrc parameter to an admingui URI. This issue exists because of an incomplete fix for CVE-2012-0516. NOTE: a related support policy can be found in the...

Oracle iPlanet Web Server 7.0.x < 7.0.15 Multiple Vulnerabilities

According to its self-reported version, the Oracle iPlanet Web Server formerly Sun Java System Web Server running on the remote host is 7.0.x prior to 7.0.15. It is, therefore, affected by the following vulnerabilities : - Multiple cross-site scripting vulnerabilities exist due to parameter...

CVE-2012-0516

Unspecified vulnerability in the Oracle iPlanet Web Server component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration Console...

CVE-2012-0516

Oracle iPlanet Web Server 7.0.x (pre-7.0.15) is affected by CVE-2012-0516 due to multiple cross-site scripting vulnerabilities in the Administration console (admingui). Exploitation involves crafting a URL that triggers XSS via interfaces like cchelp2/Masthead.jsp, potentially enabling arbitrary ...

CentOS 5 / 6 : firefox / thunderbird (CESA-2012:0516)

An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...