CVE-2002-2314

Published: Oct 26, 2007

Modified: Sep 17, 2024

PUBLISHED

Description

Mozilla 1.0 allows remote attackers to steal cookies from other domains via a javascript: URL with a leading "//" and ending in a newline, which causes the host/path check to fail.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

mozilla-javascript-steal-cookies(9656)

vdb-entry

x_refsource_XF

http://bugzilla.mozilla.org/show_bug.cgi?id=152725

x_refsource_MISC

20020918 Mozilla vulnerabilities, an update

mailing-list

x_refsource_BUGTRAQ

http://www.mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html

x_refsource_CONFIRM

20020724 Mozilla cookie stealing - Sandblad advisory #9

mailing-list

x_refsource_BUGTRAQ

MDKSA-2002:074

vendor-advisory

x_refsource_MANDRAKE

5293

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2002-2314

Description

Affected Products

References