CVE-2004-0871

2004-09-16T04:00:00
ID CVE-2004-0871
Type cve
Reporter cve@mitre.org
Modified 2017-07-11T01:30:00

Description

Mozilla does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection."