2 matches found
CVE-2004-1527
Microsoft Internet Explorer 6.0 SP1 is affected by a vulnerability in handling certain character strings in the Path attribute, which can allow a remote attacker to hijack sessions by causing cookies to be modified in other domains when the attacker’s domain name is contained in the target’s doma...
CVE-2004-1527
Microsoft Internet Explorer 6.0 SP1 does not properly handle certain character strings in the Path attribute, which can cause it to modify cookies in other domains when the attacker's domain name is within the target's domain name or when wildcard DNS is being used, which allows remote attackers ...