Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0241

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2008-0241
Last Modified 26 Aug 2011 12:00:00
Published 11 Jan 2008 05:46:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0241

Summary

Open redirect vulnerability in /idm/user/login.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the nextPage parameter.

Vulnerable Systems

Application

  • Sun Java System Identity Manager 6.0

  • Sun Java System Identity Manager 7.0

  • Sun Java System Identity Manager 7.1


References

MISC - http://www.procheckup.com/Vulnerability_PR07-12.php

SUNALERT - 200558

SUNALERT - 103180

XF - sun-identity-login-security-bypass(39590)

VUPEN - ADV-2008-0089

BID - 27214

BUGTRAQ - 20080110 PR07-06, PR07-07, PR07-08, PR07-09, PR07-10, PR07-12: Several XSS, Cross-domain Redirection and Frame Injection on Sun Java System Identity Manager

SREASON - 3535

SECUNIA - 28356


Last Updated: 27 May 2016 10:46:44