First published: Tue Nov 18 2008(Updated: )
Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to inject frames from arbitrary web sites and conduct phishing attacks via unspecified vectors, related to "frame injection."
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sun Java System Identity Manager | =6.0-sp2 | |
Sun Java System Identity Manager | =7.0 | |
Sun Java System Identity Manager | =6.0-sp1 | |
Sun Java System Identity Manager | =7.1 | |
Sun Java System Identity Manager | =6.0-sp3 | |
Sun Java System Identity Manager | =6.0-sp4 | |
Sun Java System Identity Manager | =6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2008-5118 is considered a medium severity vulnerability as it allows remote attackers to inject frames leading to potential phishing attacks.
The recommended fix for CVE-2008-5118 is to upgrade to a version of Sun Java System Identity Manager that is not affected by this vulnerability.
CVE-2008-5118 affects Sun Java System Identity Manager versions 6.0 through 6.0 SP4, 7.0, and 7.1.
CVE-2008-5118 can enable attackers to conduct phishing attacks, compromising sensitive user information.
Yes, CVE-2008-5118 is a web vulnerability that involves frame injection from arbitrary websites.