Vulnerabilities

CVE-2011-2362

by Fred · 30/06/2011

Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 do not distinguish between cookies for two domain names that differ only in a trailing dot, which allows remote web servers to bypass the Same Origin Policy via Set-Cookie headers.

Date published : 2011-06-30

http://support.avaya.com/css/P8/documents/100144854

http://support.avaya.com/css/P8/documents/100145333

Similar

Tags: Cybersecurity Alert