 |
 |
 |
 |
 |
Information about your favorite browser: news, articles and more.
Firefox hands out cookies from strangers
Published February 18th, 2007 in Browser Security, Cookies, Exploits & Vulnerabilities, Firefox
Firefox suffers from a flaw that allows attackers to manipulate the authentication cookies of virtually any website, a vulnerability 
Bugzilla has deemed severe. It’s the second major security lapse for the open-source browser in as many days.
The defect, which stems from the way Firefox writes to the "location.hostname" property of the document object model, can be exploited by a specially doctored script that sets variables that normally wouldn’t be accepted when parsing a regular URL, according to researcher Michal Zalewski, who uncovered Monday’s vulnerability as well. Firefox hands out cookies from strangers | Channel Register
