CVE-2008-0240
6.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
79.1%
/idm/help/index.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to inject frames from arbitrary web sites and conduct phishing attacks via the helpUrl parameter, aka “frame injection.”
Affected configurations
References
secunia.com/advisories/28356
securityreason.com/securityalert/3535
sunsolve.sun.com/search/document.do?assetkey=1-26-103180-1
sunsolve.sun.com/search/document.do?assetkey=1-66-200558-1
www.procheckup.com/Vulnerability_PR07-10.php
www.securityfocus.com/archive/1/486076/100/0/threaded
www.securityfocus.com/bid/27214
www.vupen.com/english/advisories/2008/0089
exchange.xforce.ibmcloud.com/vulnerabilities/39586
Related
6.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
79.1%