Frame Injection Vulnerability in Sun Java System Identity Manager
CVE-2008-5118

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Identity Manager
Vendor: CVE Published:; 18 November 2008

What is CVE-2008-5118?

The Sun Java System Identity Manager versions 6.0 through 6.0 SP4, as well as versions 7.0 and 7.1, are susceptible to a frame injection vulnerability. This allows remote attackers to embed malicious frames from external websites into legitimate pages, facilitating phishing attacks. Attackers exploit unspecified vectors to manipulate content, which poses significant security risks to users by deceiving them into providing sensitive information under false pretenses.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

http://secunia.com/advisories/32606

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/32262

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 18, 2008
Vulnerability Reserved
Nov 17, 2008

Oracle

What is CVE-2008-5118?

References

Timeline