Lucene search
HistorySep 16, 2004 - 4:00 a.m.
CVE-2004-0866
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.3 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
77.6%
Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user’s HTTP session.
Affected configurations
Node
kdekonquerorMatch2.1.1
ORkdekonquerorMatch2.1.2
ORkdekonquerorMatch2.2.1
ORkdekonquerorMatch2.2.2
ORkdekonquerorMatch3.0
ORkdekonquerorMatch3.0.1
ORkdekonquerorMatch3.0.2
ORkdekonquerorMatch3.0.3
ORkdekonquerorMatch3.0.5
ORkdekonquerorMatch3.0.5b
ORkdekonquerorMatch3.1
ORkdekonquerorMatch3.1.1
ORkdekonquerorMatch3.1.2
ORkdekonquerorMatch3.1.3
ORkdekonquerorMatch3.1.4
ORkdekonquerorMatch3.1.5
ORkdekonquerorMatch3.2.1
ORkdekonquerorMatch3.2.3
ORmicrosoftieMatch6.0sp1
ORmicrosoftieMatch6.0sp2
ORmicrosoftinternet_explorerMatch6.0
ORmozillafirefoxMatch0.9.2
Node
susesuse_linuxMatch1.0desktop
ORsusesuse_linuxMatch8enterprise_server
ORsusesuse_linuxMatch8.1
ORsusesuse_linuxMatch8.2
ORsusesuse_linuxMatch9.0
Related
cve
cve
cvelist
cvelist
prion
prion
Cross site scripting
2008-07-14 23:41:00
Cross site scripting
2008-07-14 23:41:00
nvd
nvd
nessus
nessus
RHEL 2.1 / 3 : kdelibs, kdebase (RHSA-2004:412)
2004-10-06 00:00:00
securityvulns
securityvulns
wp-04-0001: Multiple Browser Cookie Injection Vulnerabilities
2004-09-17 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.3 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
77.6%
Related for NVD:CVE-2004-0866