Lucene search
RedhatCVELIST:CVE-2016-0734HistoryApr 07, 2016 - 7:00 p.m.
CVE-2016-0734
2016-04-0719:00:00
redhat
www.cve.org
1
The web-based administration console in Apache ActiveMQ 5.x before 5.13.2 does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web page that contains a (1) FRAME or (2) IFRAME element.
References
activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt
www.openwall.com/lists/oss-security/2016/03/10/11
www.securityfocus.com/bid/84321
www.securitytracker.com/id/1035327
access.redhat.com/errata/RHSA-2016:1424
lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
Related
debiancve
debiancve
CVE-2016-0734
2016-04-07 19:59:01
nvd
nvd
CVE-2016-0734
2016-04-07 19:59:01
nessus
nessus
FreeBSD : activemq -- Web Console Clickjacking (950b2d60-f2a9-11e5-b4a9-ac220bdcec59)
2016-03-28 00:00:00
Apache ActiveMQ Web Console Missing X-Frame-Options Clickjacking
2016-03-18 00:00:00
Apache ActiveMQ 5.x < 5.13.2 Multiple Vulnerabilities
2016-03-18 00:00:00
cve
cve
CVE-2016-0734
2016-04-07 19:59:01
osv
osv
openvas
openvas
Apache ActiveMQ Clickjacking Vulnerability (May 2016)
2016-05-05 00:00:00
freebsd
freebsd
activemq -- Web Console Clickjacking
2016-03-10 00:00:00
github
github
ubuntucve
ubuntucve
CVE-2016-0734
2016-04-07 00:00:00
prion
prion
Design/Logic Flaw
2016-04-07 19:59:00
redhat
redhat
ibm
ibm
oracle
oracle
Oracle Critical Patch Update Advisory - January 2017
2017-01-17 00:00:00