SEC-CONSULT Security Advisory 20051212-0 - Due to insufficient input validation within the Nortel SSL VPN appliance's web interface, it is possible for an attacker to supply his victim with a malicious link that results in code execution on the victim's client. The problem has been reproduced with version 4.2.1.6, however other versions might be vulnerable as well.
e737b6c4b673f2f6f1dbf7cd8019450391400b84e288a3d5d30d3947f18fc0a2