CVE-2008-3170 - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

CVE CVE-2008-3170
Status Candidate
Description Apple Safari allows web sites to set cookies for country-specific top-level domains, such as co.uk and com.au, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking," a related issue to CVE-2004-0746, CVE-2004-0866, and CVE-2004-0867.
Phase Assigned (14.07.2008)
NVD: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3170
References APPLE : APPLE-SA-2008-12-15
BID : 30192
CERT : TA08-350A
CONFIRM : http://support.apple.com/kb/HT3338
MISC : http://kuza55.blogspot.com/2008/07/some-random-saf...
SECTRACK : 1020539
SECUNIA : 31128
VUPEN : ADV-2008-3444
XF : safari-domains-session-hijacking(43839)
SecurityVulns: Apple Mac OS X multiple security vulnerabilities

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

test server