How do you avoid being exposed to this type of vulnerability? There are a couple of things you can do to help minimize your exposure:
See my AJAX World presentation on Web 2.0 Security for more information. I discussed this class of vulnerability but only presented examples of Array() constructor overriding because Fortify hadn’t released their advisory publicly yet.
dan _at_ denimgroup.com