Frame Injection Vulnerability in Sun Java System Identity Manager
CVE-2008-0240

Currently unrated

Key Information:

Vendor

Oracle
Status
Java System Identity Manager
Vendor
CVE Published:
11 January 2008

What is CVE-2008-0240?

A vulnerability exists in the helpUrl parameter of the Sun Java System Identity Manager, allowing remote attackers to inject frames from arbitrary websites. This could lead to phishing attacks, as users may unwittingly interact with malicious content. Proper input validation is essential to mitigate this type of vulnerability and protect sensitive user data.

References

http://www.securityfocus.com/archive/1/486076/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://sunsolve.sun.com/search/document.do?assetkey=1-26-...
vendor-advisoryx_refsource_SUNALERT
http://www.vupen.com/english/advisories/2008/0089
vdb-entryx_refsource_VUPEN

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.