EUVD-2007-2376

Malware in sbrugna...

Design/Logic Flaw

The MochiKit framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

CVE-2007-2381

The MochiKit framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

CVE-2007-2381

The MochiKit framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

CVE-2007-2381

The CVE-2007-2381 issue concerns the MochiKit framework. Affected component: MochiKit’s data exchange using JSON without an accompanying protection scheme. Root cause: data can be obtained by exploiting a page that fetches the JSON via a SCRIPT element’s SRC URL and related JavaScript, i.e., Java...

CVE-2007-2381

The MochiKit framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

PT-2007-3714 · Mochikit · Mochikit

Name of the Vulnerable Software and Affected Versions: MochiKit framework affected versions not specified Description: The issue allows remote attackers to obtain data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...