FreeBSD 2797B27A-F55B-11D8-81B0-000347A4FA7D
History: Aug 23, 2004 - 12:00 a.m.

kdelibs -- konqueror cross-domain cookie injection

2004-08-23 00:00:00
vuxml.freebsd.org
6

EPSS: 0.022 (Low), percentile 89.4%

According to a KDE Security Advisory:

WESTPOINT internet reconnaissance services alerted the
KDE security team that the KDE web browser Konqueror
allows websites to set cookies for certain country
specific secondary top level domains.

Web sites operating under the affected domains can
set HTTP cookies in such a way that the Konqueror web
browser will send them to all other web sites operating
under the same domain. A malicious website can use
this as part of a session fixation attack. See e.g.
http://www.acros.si/papers/session_fixation.pdf

Affected are all country specific secondary top level
domains that use more than 2 characters in the secondary
part of the domain name and that use a secondary part other
than com, net, mil, org, gov, edu or int. Examples of
affected domains are .ltd.uk, .plc.uk and .firm.in

It should be noted that popular domains such as .co.uk, .co.in
and .com are NOT affected.

OS       Version  Architecture  Package  Version    Filename
FreeBSD  any      noarch        kdelibs  < 3.2.3_3  UNKNOWN
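
The affected-domain rule quoted above can be modelled as a cookie Domain check and compared with a check driven by an explicit registry-suffix list. This is an added example, not code from KDE or from the advisory; the function names, the sample suffix list and the host names are constructed for illustration.

```javascript
// Added example: models the rule as the advisory words it; not Konqueror's code.
const GENERIC_SECOND_LEVEL = new Set(["com", "net", "mil", "org", "gov", "edu", "int"]);

// Constructed excerpt of a registry-suffix list (assumption, not a real list file).
const SAMPLE_SUFFIXES = new Set(["com", "uk", "in", "co.uk", "ltd.uk", "plc.uk", "co.in", "firm.in"]);

// Lower-case and drop leading/trailing dots, so ".ltd.uk" and "ltd.uk" compare equal.
function normalize(domain) {
  return domain.toLowerCase().replace(/^\.+|\.+$/g, "");
}

// Heuristic: a bare TLD is a suffix; "x.cc" under a two-letter TLD is a suffix only
// if x is at most 2 characters or one of the generic names.
function heuristicIsSuffix(domain) {
  const labels = normalize(domain).split(".");
  if (labels.length === 1) return true;
  if (labels.length === 2 && labels[1].length === 2) {
    return labels[0].length <= 2 || GENERIC_SECOND_LEVEL.has(labels[0]);
  }
  return false;
}

// List-based check: a name is a suffix exactly when the list says so.
function listIsSuffix(domain) {
  return SAMPLE_SUFFIXES.has(normalize(domain));
}

// Accept a cookie Domain only if the setting host falls under it and it is not a suffix.
function acceptCookieDomain(host, cookieDomain, isSuffix) {
  const h = normalize(host);
  const d = normalize(cookieDomain);
  if (d === "") return false;
  return (h === d || h.endsWith("." + d)) && !isSuffix(d);
}

// Compare both checks for one host across several requested Domain values.
function compare(host, cookieDomains) {
  return cookieDomains.map((d) => ({
    domain: d,
    heuristic: acceptCookieDomain(host, d, heuristicIsSuffix),
    list: acceptCookieDomain(host, d, listIsSuffix),
  }));
}

// Constructed hosts and Domain values.
console.table(compare("shop.example.ltd.uk", [".ltd.uk", ".example.ltd.uk", ".uk"]));
console.table(compare("shop.example.co.uk", [".co.uk", ".example.co.uk"]));
```

Rows where the heuristic column is true and the list column is false are the Domain values the advisory describes as affected.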