If anyone is interested, I opened an SR this morning and Oracle Support has confirmed that iPlanet Web Server is not vulnerable to CVE-2014-0160 (HeartBleed) as it uses NSS for SSL/TLS rather than OpenSSL.
Thank you very very very much! Saved me the trouble of finding this out! Appreciate it Bill!
You might also be interested in the public page on that issue
OpenSSL Heartbleed Vulnerability CVE-2014-0160