[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Apple Safari 1.1 (v100)

To: bugtraq@securityfocus.com
Subject: Apple Safari 1.1 (v100)
From: Austin Gilbert <austin@breakingrobots.net>
Date: Tue, 18 Nov 2003 09:28:33 -0800 (PST)

Hi,

it appears that Apple's Safari is vulnerable to the 
old Mozilla/IE cookie theft vulnerability outlined by
Marc Slemko
http://alive.znep.com/~marcs/security/mozillacookie/

Marc posted a nice demo so that you can verify the
vulnerability.
http://alive.znep.com/~marcs/security/mozillacookie/demo.html


Cheers,

Austin

Follow-Ups:
- Re: Apple Safari 1.1 (v100)
  - From: Christian Horchert <chorchert@veedev.de>
- Re: Apple Safari 1.1 (v100)
  - From: vm_converter <vm_converter@mac.com>

Prev by Date: OpenLinux: Linux NFS utils package contains remotely exploitable off-by-one bug
Next by Date: Re: Vulnerability Disclosure Formats (was "Re: Funny article")
Previous by thread: OpenLinux: Linux NFS utils package contains remotely exploitable off-by-one bug
Next by thread: Re: Apple Safari 1.1 (v100)
Index(es):
- Date
- Thread