Security Advisory

CVE-2007-3827

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-07-17 21:00:00

Last updated 2024-08-07 14:28:52

Assigner mitre

State PUBLISHED

Description

Mozilla Firefox allows for cookies to be set with a null domain (aka "domainless cookies"), which allows remote attackers to pass information between arbitrary domains and track user activity, as demonstrated by the domain attribute in the document.cookie variable in a javascript: window.

← Browse all CVEs View on cve.org ↗