CVE Vulnerability

CVE-2008-5118

Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to inject frames from arbitrary web sites and conduct phishing attacks via unspecified vectors, related to "frame injection."

4.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

Scope

References
Link Resource
http://www.securityfocus.com/bid/32262
http://secunia.com/advisories/32606 Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-243386-1
http://www.securitytracker.com/id?1021170
http://www.vupen.com/english/advisories/2008/3128
http://osvdb.org/49769
https://exchange.xforce.ibmcloud.com/vulnerabilities/46555
Configurations

Configuration 1

cpe:2.3:a:sun:java_system_identity_manager:6.0:sp2:*:*:*:*:*:*
cpe:2.3:a:sun:java_system_identity_manager:7.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:java_system_identity_manager:6.0:sp1:*:*:*:*:*:*
cpe:2.3:a:sun:java_system_identity_manager:7.1:*:*:*:*:*:*:*
cpe:2.3:a:sun:java_system_identity_manager:6.0:sp3:*:*:*:*:*:*
cpe:2.3:a:sun:java_system_identity_manager:6.0:sp4:*:*:*:*:*:*
cpe:2.3:a:sun:java_system_identity_manager:6.0:*:*:*:*:*:*:*
Information

Published : 2008-11-18 12:30

Updated : 2017-08-08 01:33

NVD link : CVE-2008-5118

Mitre link : CVE-2008-5118

Products Affected
No products.
CWE
NVD-CWE-Other