| Name | CVE-2007-2385 |
| Description | The Yahoo! UI framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka "JavaScript Hijacking." |
| Source | CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| Debian Bugs | 557745, 557746, 557748 |
Vulnerable and fixed packages
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|
| loggerhead (PTS) | bullseye | 1.19~bzr511-1 | fixed |
| bookworm | 2.0.1+bzr541+ds-2 | fixed |
| forky, trixie | 2.0.1+bzr548-1 | fixed |
| sid | 2.0.3-2 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|
| bcfg2 | source | (unstable) | (not affected) | | | |
| jifty | source | (unstable) | 0.91117-1 | low | | 557748 |
| loggerhead | source | (unstable) | (not affected) | | | |
| moodle | source | (unstable) | (not affected) | | | |
| serendipity | source | (unstable) | 1.5.3-1 | low | | 557746 |
| webgui | source | (unstable) | (not affected) | | | |
| yui | source | (unstable) | (unfixed) | unimportant | | 557745 |
Notes
- bcfg2 <not-affected> (present in source but not included in any binary files)
- moodle <not-affected> (uses system libjs-yui)
- webgui <not-affected> (uses system libjs-yui)
- loggerhead <not-affected> (uses system libjs-yui)
see https://web.archive.org/web/20071105202514/http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf
This allows to steal data from affected websites. Therefore web applications should
only be considered vunerabile if they process confidential data.
The frameworks should be fixed in any case.