Bugraq ID: 36926 CVE ID:CVE-2008-7220 Prototype JavaScript Framework是一款由Sam Stephenson开发的JavaScript开发函数库及框架。它提供了完整的Ajax框架及其它的工具。 Prototype JavaScript Framework存在一个未明错误,远程攻击者可以利用漏洞进行一个跨站ajax请求攻击,可以以受影响浏览器安全上下文执行任意代码。 Asterisk包含一个基于AJAX的演示管理接口,ajamdemo.html使用prototype.js框架,受此漏洞影响允许攻击者执行跨站AJAX请求攻击。 Sam Stephenson prototype javascript framework 1.4 Sam Stephenson prototype javascript framework 1.6.0.2 Asterisk Asterisk Business Edition C.3.1.0 Asterisk Asterisk Business Edition C.3.1 1 Asterisk Asterisk Business Edition C.2.4.3 Asterisk Asterisk Business Edition C.2.4.2 Asterisk Asterisk Business Edition C.2.3.3 Asterisk Asterisk Business Edition C.2.3 .2 Asterisk Asterisk Business Edition C.2.3 Asterisk Asterisk Business Edition C.2.1.2.1 Asterisk Asterisk Business Edition B.2.5.9 Asterisk Asterisk Business Edition B.2.5.8 Asterisk Asterisk Business Edition B.2.5.7 Asterisk Asterisk Business Edition B.2.5.6 Asterisk Asterisk Business Edition B.2.5.5 Asterisk Asterisk Business Edition...
Bugraq ID: 36926 CVE ID:CVE-2008-7220 Prototype JavaScript Framework是一款由Sam Stephenson开发的JavaScript开发函数库及框架。它提供了完整的Ajax框架及其它的工具。 Prototype JavaScript Framework存在一个未明错误,远程攻击者可以利用漏洞进行一个跨站ajax请求攻击,可以以受影响浏览器安全上下文执行任意代码。 Asterisk包含一个基于AJAX的演示管理接口,ajamdemo.html使用prototype.js框架,受此漏洞影响允许攻击者执行跨站AJAX请求攻击。 Sam Stephenson prototype javascript framework 1.4 Sam Stephenson prototype javascript framework 1.6.0.2 Asterisk Asterisk Business Edition C.3.1.0 Asterisk Asterisk Business Edition C.3.1 1 Asterisk Asterisk Business Edition C.2.4.3 Asterisk Asterisk Business Edition C.2.4.2 Asterisk Asterisk Business Edition C.2.3.3 Asterisk Asterisk Business Edition C.2.3 .2 Asterisk Asterisk Business Edition C.2.3 Asterisk Asterisk Business Edition C.2.1.2.1 Asterisk Asterisk Business Edition B.2.5.9 Asterisk Asterisk Business Edition B.2.5.8 Asterisk Asterisk Business Edition B.2.5.7 Asterisk Asterisk Business Edition B.2.5.6 Asterisk Asterisk Business Edition B.2.5.5 Asterisk Asterisk Business Edition B.2.5.4 Asterisk Asterisk Business Edition B.2.5.3 Asterisk Asterisk Business Edition B.2.5.2 Asterisk Asterisk Business Edition B.2.5.10 Asterisk Asterisk Business Edition B.2.5.1 Asterisk Asterisk 1.6.1 6 Asterisk Asterisk 1.6.1 5 Asterisk Asterisk 1.6.1 0-rc2 Asterisk Asterisk 1.6.1 0-rc1 Asterisk Asterisk 1.6.1 Asterisk Asterisk 1.6 beta6 Asterisk Asterisk 1.6 6 Asterisk Asterisk 1.6 14 Asterisk Asterisk 1.4.26 2 Asterisk Asterisk 1.4.26 1 Asterisk Asterisk 1.4.26 Asterisk Asterisk 1.4.24 .1 Asterisk Asterisk 1.4.24 Asterisk Asterisk 1.4.9 Asterisk Asterisk 1.4.8 Asterisk Asterisk 1.4.7 Asterisk Asterisk 1.4.6 Asterisk Asterisk 1.4.5 Asterisk Asterisk 1.4.4 Asterisk Asterisk 1.4.3 Asterisk Asterisk 1.6.1.8 Asterisk Asterisk 1.6.1.7 Asterisk Asterisk 1.6 厂商解决方案 用户可参考如下安全公告获得补丁信息: http://github.com/sstephenson/prototype/blob/master/CHANGELOG
