CVE-2013-0518

Currently unrated

Key Information:

Vendor: IBM
Status: Sterling Secure Proxy
Vendor: CVE Published:; 10 May 2013

Summary

IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6 Interim Fix 1, and 3.4.1 before 3.4.1.7 does not refuse to be rendered in different-origin frames, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/83128

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21636369

x_refsource_CONFIRM

Timeline

Vulnerability published
May 10, 2013
Vulnerability Reserved
Dec 16, 2012