[Dshield] Browser vulnerability: Mozilla Cookie Path Restrictions Can Be Bypassed By Remote Servers
peter.stendahl-juvonen at welho.com
Fri Mar 12 11:35:04 GMT 2004
Mozilla Cookie Path Restrictions Can Be Bypassed By Remote Servers
Description: A vulnerability was reported in Mozilla in the processing
of cookies. A remote user may be able to bypass the path restrictions
specified by a cookie's originator. Several other browsers are also
The affected vendors were reportedly notified between July 12 and July
Impact: A remote server application can obtain cookies from the target
user's browser for the same domain but regardless of the path
Solution: No solution has been publicly disclosed at the time of this
Vendor URL: www.mozilla.org/
Underlying OS: Linux (Any), UNIX (Any), Windows (Any)
"Delay not; swift the flight of fortune's greatest favours."
Seneca (5 BC-65 AD); Roman dramatist, philosopher, & politician.
More information about the list