Back to search
CVE-2003-0514
Published: Mar 16, 2004
Modified: Aug 8, 2024
PUBLISHED
Description
Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20040310 Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue
mailing-list
x_refsource_FULLDISC
20040310 Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue
mailing-list
x_refsource_VULNWATCH
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now