Vulnerability Description
Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1, allows remote attackers to read cookies by navigating to a Dojo file, related to an "open direct" issue.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dojofoundation | Dojo Toolkit | All versions |
| Ibm | Rational Clearquest | 7.1.1.1 |
Related Weaknesses (CWE)
References
- ftp://public.dhe.ibm.com/software/rational/clearquest/7.1.1/7.1.1.4-RATL-RCQ/7.1
- http://secunia.com/advisories/42624Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM15146
- ftp://public.dhe.ibm.com/software/rational/clearquest/7.1.1/7.1.1.4-RATL-RCQ/7.1
- http://secunia.com/advisories/42624Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM15146
FAQ
What is CVE-2010-4600?
CVE-2010-4600 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1, allows remote attackers to read cookies by navigating to a Dojo file, related to a...
How severe is CVE-2010-4600?
CVE-2010-4600 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-4600?
Check the references section above for vendor advisories and patch information. Affected products include: Dojofoundation Dojo Toolkit, Ibm Rational Clearquest.