2 matches found
CVE-2005-4685
The CVE-2005-4685 entry describes a cookie handling flaw in Firefox/Mozilla where, if the DNS resolver uses a non-root domain in its search list, a cookie can be associated with multiple domains or stolen for an expanded hostname. Exploitation involves a user-entered hostname being expanded via t...
CVE-2005-4685
Firefox and Mozilla can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a...