Intrusion Prevention

Sun.Java.System.Identity.Manager.cntry.parameter.HTML.Injection

Description

This indicates a possible attack against an HTML Injection vulnerability in the Sun Java System Identity Manager.
An attacker may inject malicious HTML code in a Get request.

Affected Products

Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1

Impact

HTML injection

Recommended Actions

Please refer to the vendor's web site for suggested workaround:
http://www.oracle.com/us/products/middleware/identity-management/index.htm

CVE References

CVE-2008-0239