CVE-2008-5118
Published Nov 18, 2008
Last updated 7 years ago
Overview
- Description
- Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to inject frames from arbitrary web sites and conduct phishing attacks via unspecified vectors, related to "frame injection."
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "13445915-DF3D-4C52-B1DC-9FC6BE0DD519"
},
{
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0C2964C-7435-4999-AF16-01CD9EF5782C"
},
{
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51CFF484-5A52-41DC-A003-A9319DF2AFB8"
},
{
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A7E88DA-F3A8-4B0F-AD4F-8680C1FB3282"
},
{
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "861DEDA3-93A1-405A-BA2F-764AE4219D89"
},
{
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0980492E-B7DB-4B9F-A400-FDC47DB89A95"
},
{
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A5C87C0-3734-4568-97A6-6AB8979AABE7"
}
],
"operator": "OR"
}
]
}
]