CVE-2008-0241
Last modified
CVE-2008-0241 is a vulnerability of currently unknown severity. Open redirect vulnerability in /idm/user/login.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the nextPage parameter.. EPSS estimates a 2.68% chance of exploitation in the next 30 days.
Description
Open redirect vulnerability in /idm/user/login.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the nextPage parameter.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Sun | Java System Identity Manager | 6.0 | Sp1 |
| Sun | Java System Identity Manager | 7.0 | — |
| Sun | Java System Identity Manager | 7.1 | — |
References
- http://secunia.com/advisories/28356Vendor Advisory
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103180-1Patch, Vendor Advisory
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-200558-1Patch, Vendor Advisory
- http://www.procheckup.com/Vulnerability_PR07-12.phpExploit, Patch
- http://www.vupen.com/english/advisories/2008/0089Vendor Advisory
- http://secunia.com/advisories/28356Vendor Advisory
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103180-1Patch, Vendor Advisory
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-200558-1Patch, Vendor Advisory
- http://www.procheckup.com/Vulnerability_PR07-12.phpExploit, Patch
- http://www.vupen.com/english/advisories/2008/0089Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2008-0241?
How severe is CVE-2008-0241?
How do I fix CVE-2008-0241?
Are you affected by CVE-2008-0241?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST