Intrusion Prevention

Sun.Java.System.Identity.Manager.CrossDomain.Redirect

Description

This indicates a possible attack against an HTML Injection vulnerability in the Sun Java System Identity Manager.
An attacker may inject malicious HTML code in a Get request.

Affected Products

Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 6.0 SP3
Sun Java System Identity Manager 6.0 SP2
Sun Java System Identity Manager 6.0 SP1
Sun Java System Identity Manager 6.0

Impact

HTML Injection

Recommended Actions

Please refer to the vendor's web site for suggested workaround:
http://www.oracle.com/us/products/middleware/identity-management/index.htm

CVE References

CVE-2008-0239