2 matches found
Cross site scripting
Apple Safari allows web sites to set cookies for country-specific top-level domains, such as co.uk and com.au, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking," a related issue to CVE-2004-0746, CVE-2004-0866, and...
CVE-2004-0867
CVE-2004-0867 affects Mozilla Firefox 0.9.2 by allowing websites to set cookies for country-specific top‑level domains (e.g., .ltd.uk, .plc.uk, .sch.uk), which could enable a session‑fixation attack and session hijack. The note indicates 2.x may also be affected. Technical details in the provided...