CVE-2016-0734 in Oracle Enterprise Managerinfo

Summary

The web-based administration console in Apache ActiveMQ 5.x before 5.13.2 does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web page that contains a (1) FRAME or (2) IFRAME element.

Reservation

12/16/2015

Disclosure

04/07/2016

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
95579	Oracle Enterprise Manager Ops Center 7pk security	254	Not defined	Official fix	CVE-2016-0734
81696	Apache ActiveMQ HTTP Header 7pk security	254	Not defined	Official fix	CVE-2016-0734

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Want to know what is going to be exploited?

We predict KEV entries!