The Management Console in BlackBerry Enterprise Server (BES) 12 before 12.2 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site, related to a "cross frame scripting" issue.
References
Link | Resource |
---|---|
http://www.blackberry.com/btsc/KB37573 | Vendor Advisory |
http://www.securitytracker.com/id/1034154 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2015-11-19T11:00:00
Updated: 2016-12-05T22:57:01
Reserved: 2015-05-28T00:00:00
Link: CVE-2015-4112
JSON object: View
NVD Information
Status : Modified
Published: 2015-11-19T11:59:00.093
Modified: 2016-12-07T18:11:51.917
Link: CVE-2015-4112
JSON object: View
Redhat Information
No data.
CWE