Short Name |
HTTP:ORACLE-ID-MANAGER-REDIREC1 |
---|---|
Severity |
Medium |
Recommended |
No |
Category |
HTTP |
Keywords |
Oracle Identity Manager backUrl Parameter Open Redirect1 |
Release Date |
2015/10/07 |
Update Number |
2543 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vsrx-12.1+ |
This signature detects attempts to exploit a known vulnerability in the Oracle Identity Manager WebUI. It is due to insufficient validation of user-supplied input. A successful exploit may aid in phishing attacks, other attacks are possible.
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.