First published: Tue Nov 18 2008(Updated: )
Open redirect vulnerability in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sun Java System Identity Manager | =6.0-sp2 | |
Sun Java System Identity Manager | =7.0 | |
Sun Java System Identity Manager | =6.0-sp1 | |
Sun Java System Identity Manager | =7.1 | |
Sun Java System Identity Manager | =6.0-sp3 | |
Sun Java System Identity Manager | =6.0-sp4 | |
Sun Java System Identity Manager | =6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2008-5117 is classified as a medium severity vulnerability due to its potential for phishing attacks.
To mitigate CVE-2008-5117, upgrade to a patched version of Sun Java System Identity Manager that addresses the open redirect issue.
CVE-2008-5117 affects versions 6.0 through 6.0 SP4, and 7.0 and 7.1 of Sun Java System Identity Manager.
CVE-2008-5117 can be exploited to redirect users to arbitrary websites, facilitating phishing attacks.
There are no formal workarounds for CVE-2008-5117; the recommended action is to upgrade to a secure version.