CVE-2008-0240

N/A Unknown

Published: January 11, 2008 Modified: April 23, 2026

Description

/idm/help/index.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to inject frames from arbitrary web sites and conduct phishing attacks via the helpUrl parameter, aka "frame injection."

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/28356

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/3535

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103180-1

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-66-200558-1

Source: cve@mitre.org

http://www.procheckup.com/Vulnerability_PR07-10.php

Source: cve@mitre.org

Exploit Patch

http://www.securityfocus.com/archive/1/486076/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/27214

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/0089

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/39586

Source: cve@mitre.org

http://secunia.com/advisories/28356