Oracle.iPlanet.Admin.Panel.admingui.Image.Injection

description-logoDescription

This indicates an attack attempt to exploit an Image Injection Vulnerability in Oracle iPlanet Admin Panel.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may perform phishing attacks by injecting a custom image in the admin panel.

affected-products-logoAffected Products

Oracle iPlanet Web Server versions 7.0

Impact logoImpact

Security Bypass: Remote attackers can bypass security checking of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-06-30 15.876 Default_action:pass:drop
2020-06-16 15.865