CVE-2008-5114

Published: Nov 18, 2008Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected (7)

Products: Sun: Java System Identity Manager

1 product

Java System Identity Manager

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Sun Java System Identity Manager	Version 6.0
Sun Java System Identity Manager	Version 6.0 sp1
Sun Java System Identity Manager	Version 6.0 sp2
Sun Java System Identity Manager	Version 6.0 sp3
Sun Java System Identity Manager	Version 6.0 sp4
Sun Java System Identity Manager	Version 7.0
Sun Java System Identity Manager	Version 7.1

Related CWEs

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (14)

http://osvdb.org/49765

Source: cve@mitre.org

http://secunia.com/advisories/32606

Source: cve@mitre.org

Vendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-243386-1

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/32262

Source: cve@mitre.org

http://www.securitytracker.com/id?1021170

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/3128

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/46552

Source: cve@mitre.org

http://osvdb.org/49765

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/32606

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-243386-1

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/32262

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1021170

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2008/3128

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/46552

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.