Description
Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to inject frames from arbitrary web sites and conduct phishing attacks via unspecified vectors, related to "frame injection."
References (7)
Core 7
Core References
Vendor Advisory vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-243386-1
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/32606
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/46555
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/32262
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/3128
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/49769
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1021170
Scores
EPSS
0.0072
EPSS Percentile
72.6%
Details
Status
published
Products (3)
sun/java_system_identity_manager
6.0 (5 CPE variants)
sun/java_system_identity_manager
7.0
sun/java_system_identity_manager
7.1
Published
Nov 18, 2008
Tracked Since
Feb 18, 2026