Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
20 Nov 2024, 23:46
Type | Values Removed | Values Added |
---|---|---|
References | () http://docs.info.apple.com/article.html?artnum=61798 - Vendor Advisory | |
References | () http://lists.apple.com/mhonarc/security-announce/msg00042.html - | |
References | () http://marc.info/?l=bugtraq&m=106917674428552&w=2 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/7973 - |
Information
Published : 2003-12-15 05:00
Updated : 2024-11-20 23:46
NVD link : CVE-2003-0975
Mitre link : CVE-2003-0975
CVE.ORG link : CVE-2003-0975
JSON object : View
Products Affected
apple
- mac_os_x
- safari
- mac_os_x_server
CWE