[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

95906

 
 

909

 
 

77986

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-0241

Date: (C)2008-01-11   (M)2017-08-08
 
CVSS Score: 5.8Access Vector: NETWORK
Exploitability Subscore: 8.6Access Complexity: MEDIUM
Impact Subscore: 4.9Authentication: NONE
 Confidentiality: NONE
 Integrity: PARTIAL
 Availability: PARTIAL











Open redirect vulnerability in /idm/user/login.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the nextPage parameter.

Reference:
SUNALERT-103180
SUNALERT-200558
http://www.securityfocus.com/archive/1/archive/1/486076/100/0/threaded
BID-27214
SECUNIA-28356
SREASON-3535
ADV-2008-0089
http://www.procheckup.com/Vulnerability_PR07-12.php
sun-identity-login-security-bypass(39590)

CPE    2
cpe:/a:sun:java_system_identity_manager:7.0
cpe:/a:sun:java_system_identity_manager:7.1
CWE    1
CWE-20

© 2013 SecPod Technologies