CVE-2004-0866

2005-02-1305:00:00

mitre

www.cve.org

6.8 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

77.6%

JSON

Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user’s HTTP session.

References

marc.info/?l=bugtraq&m=109536612321898&w=2

securitytracker.com/id?1011332

www.securityfocus.com/bid/11186

exchange.xforce.ibmcloud.com/vulnerabilities/17415