Lucene search
K
SunJava System Identity Manager

8 matches found

CVE
CVE
added 2008/11/18 12:0 a.m.63 views

CVE-2008-5114

Sun Java System Identity Manager is affected by CVE-2008-5114, with multiple XSS vulnerabilities disclosed in versions 6.0 (including SP1-SP4), 7.0, and 7.1. The described issue allows remote attackers to inject arbitrary script/HTML via unspecified vectors. Exploit details and exact affected com...

4.3CVSS5.8AI score0.01953EPSS
CVE
CVE
added 2008/11/18 12:0 a.m.57 views

CVE-2008-5118

Sun Java System Identity Manager 6.0–6.0 SP4, 7.0, and 7.1 are affected by CVE-2008-5118, which enables remote attackers to inject frames from arbitrary sites and perform phishing via frame injection. The root cause is framed content handling that lacks proper validation, enabling cross-site fram...

4.3CVSS6.8AI score0.01985EPSS
CVE
CVE
added 2009/03/25 3:0 p.m.55 views

CVE-2009-1081

CVE-2009-1081 affects Sun Java System Identity Manager (IdM) 7.0–8.0. The issue is multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML via unspecified vectors (Bug IDs 19595 and 19661). The connected documents do not provide concrete exploi...

4.3CVSS5.9AI score0.0197EPSS
CVE
CVE
added 2008/01/11 10:0 p.m.52 views

CVE-2008-0239

The CVE-2008-0239 issue covers multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager versions 6.0 SP1–SP3, 7.0, and 7.1. The root cause is failure to sanitize user-supplied input in several JSP scripts, allowing remote, unauthenticated attackers to inject arbitra...

4.3CVSS5.9AI score0.05696EPSS
Web
CVE
CVE
added 2009/03/25 3:0 p.m.49 views

CVE-2009-1078

CVE-2009-1078 affects Sun Java System Identity Manager (IdM) 7.0–8.0. The issue is that the product does not enforce the expected privilege requirements for (1) deleting audit policies and (2) modifying workflows, allowing remote authenticated users to have an unspecified impact. The available co...

4CVSS6.6AI score0.01796EPSS
CVE
CVE
added 2009/03/25 3:0 p.m.48 views

CVE-2009-1080

CVE-2009-1080 affects Sun Java System Identity Manager (IdM) 7.0 through 8.0. The vulnerability is described as multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML via unspecified vectors (Bug ID 19033). Affected component: IdM web interfac...

4.3CVSS5.9AI score0.0197EPSS
CVE
CVE
added 2008/01/11 10:0 p.m.45 views

CVE-2008-0240

Sun Java System Identity Manager (versions 6.0 SP1–SP3, 7.0, 7.1) is affected by a vulnerability in /idm/help/index.jsp where the helpUrl parameter can be abused to inject frames from arbitrary sites, enabling phishing-like framing attacks. This aligns with the public CVE-2008-0240 description of...

4.3CVSS6.8AI score0.05836EPSS
Web
CVE
CVE
added 2009/03/25 3:0 p.m.43 views

CVE-2009-1079

CVE-2009-1079 applies to Sun Java System Identity Manager (IdM) 7.0 through 8.0. The vulnerability is described as multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML via unspecified vectors (Bug IDs 19659, 19660, 19683). The affected softw...

4.3CVSS5.9AI score0.0197EPSS