IBM Tivoli Directory Server 6.0.x / 6.1 < 220.127.116.11 / 6.2 < 18.104.22.168 / 6.3 < 22.214.171.124 Javadoc Frame Injection
Medium Nessus Plugin ID 74369
The version of IBM Tivoli Directory Server is affected by a frame injection vulnerability.
According to its version, the installation of IBM Tivoli Directory Server on the remote host is 6.0.x or 6.1 < 126.96.36.199 / 6.2 < 188.8.131.52 / 6.3 < 184.108.40.206. It is, therefore, affected by an error related to the included Java version and input-validation that allows an attacker to inject HTML frames into documents created by Javadoc.
Install the appropriate fix based on the vendor's advisory : - 220.127.116.11-ISS-ITDS-IF0058 - 18.104.22.168-ISS-ITDS-IF0033 - 22.214.171.124-ISS-ITDS-IF0025