Secunia
Login
|
|
CVE Reference: CVE-2008-7139 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-7139 |
|
|
Description: Multiple cross-site request forgery (CSRF) vulnerabilities in WS-Proxy in Eye-Fi 1.1.2 allow remote attackers to hijack the authentication of users for requests that modify configuration via a SOAPAction parameter of (1) urn:SetOptions for autostart, (2) urn:SetDesktopSync for file upload, or (3) urn:SetFolderConfig for file download location or modification of authentication credentials; and (4) urn:AddNetwork for adding an arbitrary Service Set Identifier (SSID) to hijack the image upload. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/40995 SAID Secunia Advisory: SA29221 OSVDB 42718 MISC http://www.informit.com/articles/article.aspx?p=1177111 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/489045/100/0/threaded BID 28085 |
|
| Return to the previous page. |
