Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7220

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-7220
Last Modified 01 Feb 2011 12:00:00
Published 13 Sep 2009 06:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-7220

Summary

Unspecified vulnerability in Prototype JavaScript framework (prototypejs) before 1.6.0.2 allows attackers to make "cross-site ajax requests" via unknown vectors.

Vulnerable Systems

Application

  • Prototypejs Prototype Javascript Framework 1.5.0

  • Prototypejs Prototype Javascript Framework 1.5.1

  • Prototypejs Prototype Javascript Framework 1.6.0.1


References

FEDORA - FEDORA-2009-11126

FEDORA - FEDORA-2009-11070

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=533137

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=523277

MLIST - [oss-security] 20091107 Re: CVE Request - Asterisk (AST-2009-008.html)

DEBIAN - DSA-1952

SECUNIA - 37677

SECUNIA - 37479

OSVDB - 46312

CONFIRM - http://github.com/sstephenson/prototype/blob/master/CHANGELOG


Last Updated: 27 May 2016 10:49:30