Intrusion Prevention

Sun.Java.System.Identity.Manager.activeControl.XSS

Description

This indicates a possible attack against an XSS vulnerability in the Sun Java System Identity Manager.

Affected Products

Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 6.0 SP3
Sun Java System Identity Manager 6.0 SP2
Sun Java System Identity Manager 6.0 SP1
Sun Java System Identity Manager 6.0

Impact

Information Disclosure: Cross Site Scripting.

Recommended Actions

Please refer to the vendor's web site for suggested workaround:
http://www.oracle.com/us/products/middleware/identity-management/index.htm

CVE References

CVE-2008-0239