Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Information
Published : 2003-12-14 21:00
Updated : 2017-07-10 18:29
NVD link : CVE-2003-0975
Mitre link : CVE-2003-0975
JSON object : View
CWE
Products Affected
apple
- mac_os_x
- mac_os_x_server
- safari