Back to search
CVE-2003-0594
Published: Mar 16, 2004
Modified: Aug 8, 2024
PUBLISHED
Description
Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20040310 Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue
mailing-list
x_refsource_FULLDISC
20040310 Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue
mailing-list
x_refsource_VULNWATCH
oval:org.mitre.oval:def:917
vdb-entry
signature
x_refsource_OVAL
RHSA-2004:112
vendor-advisory
x_refsource_REDHAT
oval:org.mitre.oval:def:9826
vdb-entry
signature
x_refsource_OVAL
MDKSA-2004:021
vendor-advisory
x_refsource_MANDRAKE
oval:org.mitre.oval:def:873
vdb-entry
signature
x_refsource_OVAL
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now