CVE-2008-0241

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Identity Manager
Vendor: CVE Published:; 11 January 2008

Summary

Open redirect vulnerability in /idm/user/login.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the nextPage parameter.

References

http://www.securityfocus.com/archive/1/486076/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

http://www.vupen.com/english/advisories/2008/0089

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Jan 11, 2008
Vulnerability Reserved
Jan 11, 2008