IBM Sterling B2B Integrator Lickjacking Attacks Vulnerabilities

Summary

IBM Sterling B2B Integrator 5.2 before 5020500_8 allows remote authenticated users to conduct clickjacking attacks

Credit:

The information has been provided by IBM.


Details

Vulnerable Systems:
 * IBM Sterling B2B Integrator 5.2 before 5020500_8

Immune Systems:
 * IBM Sterling B2B Integrator 5.2 after 5020500_8

IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could send a specially crafted HTTP request to hijack the victim’s click actions or launch other client side browser attacks.

CVE Information:
CVE-2015-4992

Disclosure Timeline:
Original release date: 10/05/2015
Last revised: 10/07/2015

Categories: News