Apple Safari: cookie stealing
From: Robert Swiecki <jagger () swiecki net>
Date: Wed, 13 Jun 2007 12:34:42 +0200

There is a vulnerability in Apple Safari that allows an attacker to
steal a cookie belonging to an arbitrary domain and/or fill the browser
window with arbitrary content, whereas the URL bar and the browser's
window title are derived from the selected domain.

The content of the timer-triggered function is processed after the
window.location property is changed.

Tested with Apple Safari 3.0 (522.11.3) on MS Windows 2003 SE SP2