148 matches found
Debian DSA-459-1 : kdelibs - cookie path traversal
A vulnerability was discovered in KDE where the path restrictions on cookies could be bypassed using encoded relative path components e.g., '/../'. This means that a cookie which should only be sent by the browser to an application running at /app1, the browser could inadvertently include it with...
Mandrake Linux Security Advisory : kdelibs (MDKSA-2004:022)
Corsaire discovered that a number of HTTP user agents contained a flaw in how they handle cookies. This flaw could allow an attacker to avoid the path restrictions specified by a cookie's originator. According to their advisory : 'The cookie specifications detail a path argument that can be used ...
RHEL 2.1 / 3 : mozilla (RHSA-2004:110)
Updated Mozilla packages that fix vulnerabilities in S/MIME parsing as well as other issues and bugs are now available. Mozilla is a Web browser and mail reader, designed for standards compliance, performance and portability. Network Security Services NSS is a set of libraries designed to support...
RHEL 2.1 : kdelibs (RHSA-2004:074)
Updated kdelibs packages that fix a flaw in cookie path handling are now available. Konqueror is a file manager and Web browser for the K Desktop Environment KDE. Flaws have been found in the cookie path handling between a number of Web browsers and servers. The HTTP cookie standard allows a Web...
Important: Red Hat Security Advisory: : Updated Mozilla packages fix security issues
Updated Mozilla packages that fix vulnerabilities in S/MIME parsing as well as other issues and bugs are now available. Mozilla is a Web browser and mail reader, designed for standards compliance, performance and portability. Network Security Services NSS is a set of libraries designed to support...
[Full-Disclosure] Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue
-- Corsaire Security Advisory -- Title: Multiple vendor HTTP user agent cookie path traversal issue Date: 12.07.03 Application: Various Environment: Various Author: Martin O'Neal [email protected] Audience: Vendor notification Reference: c030712-001 -- Scope -- The aim of this document is...
Apple Safari 1.x - Cookie Directory Traversal
Apple Safari 1.x - Cookie Directory Traversal source: https://www.securityfocus.com/bid/9841/info Multiple vendor Internet Browsers have been reported to be prone to a cookie path argument restriction bypass vulnerability. The issue presents itself due to a failure to properly sanitize encoded UR...
DSA-459 kdelibs - cookie path traversal
Bulletin has no description...