{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-11-11T00:00:00", "descriptions": [{"lang": "en", "value": "Open redirect vulnerability in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "243386", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-243386-1"}, {"name": "32606", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32606"}, {"name": "32262", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/32262"}, {"name": "49768", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/49768"}, {"name": "sun-jsim-unspecified-redirect(46556)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46556"}, {"name": "ADV-2008-3128", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/3128"}, {"name": "1021170", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021170"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-5117", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Open redirect vulnerability in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "243386", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-243386-1"}, {"name": "32606", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32606"}, {"name": "32262", "refsource": "BID", "url": "http://www.securityfocus.com/bid/32262"}, {"name": "49768", "refsource": "OSVDB", "url": "http://osvdb.org/49768"}, {"name": "sun-jsim-unspecified-redirect(46556)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46556"}, {"name": "ADV-2008-3128", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/3128"}, {"name": "1021170", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1021170"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-5117", "datePublished": "2008-11-18T00:00:00", "dateReserved": "2008-11-17T00:00:00", "dateUpdated": "2017-08-07T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "13445915-DF3D-4C52-B1DC-9FC6BE0DD519", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "D0C2964C-7435-4999-AF16-01CD9EF5782C", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "51CFF484-5A52-41DC-A003-A9319DF2AFB8", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:sp3:*:*:*:*:*:*", "matchCriteriaId": "9A7E88DA-F3A8-4B0F-AD4F-8680C1FB3282", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:sp4:*:*:*:*:*:*", "matchCriteriaId": "861DEDA3-93A1-405A-BA2F-764AE4219D89", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_identity_manager:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "0980492E-B7DB-4B9F-A400-FDC47DB89A95", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_identity_manager:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3A5C87C0-3734-4568-97A6-6AB8979AABE7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Open redirect vulnerability in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad involuntaria de redirecci\u00f3n en Sun Java System Identity Manager v6.0 a v6.0 SP4, v7.0, y v7.1, permite a atacantes remotos, redireccionar a usuarios a sitios web de su elecci\u00f3n y llevar a cabo ataques de phishing a trav\u00e9s de vectores no especificados."}], "id": "CVE-2008-5117", "lastModified": "2017-08-08T01:33:07.123", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-11-18T00:30:00.437", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/49768"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/32606"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-243386-1"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/32262"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1021170"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/3128"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46556"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}