2004-09-24 04:00:00
mitre
PUBLISHED
Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a users HTTP session. NOTE: it was later reported that 2.x is also affected.