Corsaire has discovered a vulnerability in multiple vendors' browsers, which can be exploited by malicious people to bypass certain cookie restrictions.
A website can use a path argument for cookies to restrict the areas of the website to which a cookie applies, and therefore the areas to which the information in the cookie is exposed.
However, it is possible to bypass the path restrictions specified by the cookie's originator due to validation errors in multiple browsers, which can be exploited via classic directory traversal character sequences.
This can potentially expose sensitive information stored in cookies associated with certain restricted sections of a site to malicious people, for example if a resource on the website outside the restricted area is vulnerable to cross-site scripting attacks.
Solution: Many of the vendors involved have reportedly patched the issue silently in product releases made after July 2003. Users are therefore advised to update to the latest version of the affected products.
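The path validation error described above, as an added example that is not taken from the advisory or from any vendor's code: a simplified model of cookie path matching that compares the raw request path, next to a version that resolves dot segments first. The function names, the `/restricted` cookie path and the sample request paths are constructed for illustration, and the matching rule follows RFC 6265 section 5.1.4.

```javascript
// Simplified model of cookie path matching (constructed; not browser code).

// Resolve "." and ".." segments in an absolute path before any comparison.
function normalizePath(path) {
  // Treat percent-encoded dots as literal dots, as URL parsers do.
  const segs = path.replace(/%2e/gi, ".").split("/").slice(1);
  const out = [];
  segs.forEach((seg, i) => {
    if (seg === "." || seg === "..") {
      if (seg === "..") out.pop();
      if (i === segs.length - 1) out.push(""); // keep the trailing slash
    } else {
      out.push(seg);
    }
  });
  return "/" + out.join("/");
}

// Path-match rule: equal, or cookie path is a prefix ending on a "/" boundary.
function pathMatches(requestPath, cookiePath) {
  if (requestPath === cookiePath) return true;
  if (!requestPath.startsWith(cookiePath)) return false;
  return cookiePath.endsWith("/") || requestPath[cookiePath.length] === "/";
}

// Flawed check: the raw request path is compared, so a path that merely
// begins with the restricted prefix is accepted even if it resolves elsewhere.
function cookieSentNaive(requestPath, cookiePath) {
  return pathMatches(requestPath, cookiePath);
}

// Corrected check: compare the path the server will actually resolve.
function cookieSentNormalized(requestPath, cookiePath) {
  return pathMatches(normalizePath(requestPath), cookiePath);
}

// Constructed sample requests against a cookie scoped to /restricted.
const COOKIE_PATH = "/restricted";
const SAMPLE_PATHS = [
  "/restricted/report.html",
  "/public/page.html",
  "/restricted/../public/page.html",
];
for (const p of SAMPLE_PATHS) {
  console.log(p, "naive:", cookieSentNaive(p, COOKIE_PATH),
              "normalized:", cookieSentNormalized(p, COOKIE_PATH));
}
```

Only the third sample path is treated differently by the two checks: the raw comparison attaches the cookie, while the normalized comparison sees a request for `/public/page.html` and withholds it.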