CVE-2007-3827

2007-07-17T21:30:00
ID CVE-2007-3827
Type cve
Reporter cve@mitre.org
Modified 2018-10-15T21:31:00

Description

Mozilla Firefox allows for cookies to be set with a null domain (aka "domainless cookies"), which allows remote attackers to pass information between arbitrary domains and track user activity, as demonstrated by the domain attribute in the document.cookie variable in a javascript: window.