July 29, 2008

Apple Safari Vulnerable to Session Fixation Attack

The Apple Safari web browser is vulnerable to a session fixation attack because it allows websites to set cookies for top-level domains such as .co.uk and .co.au. This vulnerability allows an attacker to access HTTP sessions used by a user.

Session fixation attacks attempt to exploit the vulnerability of a system which allows one person to fixate (set) another person's session identifier (SID). - Wikipedia.com
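The cookie-domain check at issue can be sketched as follows. This is an added example, not code from the original post or from Apple. It contrasts an acceptance rule that only tests domain-match with one that also refuses public suffixes, as RFC 6265 section 5.3 requires. The suffix list is a constructed, abbreviated stand-in for the full Public Suffix List, and the host names are made up.

```javascript
// Constructed, abbreviated suffix list (includes the post's two examples).
// A real browser consults the full Public Suffix List.
const PUBLIC_SUFFIXES = new Set(["com", "uk", "au", "co.uk", "co.au", "com.au"]);

// Lower-case and drop a leading or trailing dot, as cookie parsing does.
function normalize(domain) {
  return domain.trim().toLowerCase().replace(/^\./, "").replace(/\.$/, "");
}

// Domain-match: the host equals the domain or is a subdomain of it.
// This same test decides which hosts later receive the cookie.
function domainMatches(host, domain) {
  return host === domain || host.endsWith("." + domain);
}

// Behaviour described in the post: any matching Domain attribute is accepted,
// so a site under .co.uk can plant a cookie for every other .co.uk site.
function naiveAccept(requestHost, domainAttr) {
  return domainMatches(normalize(requestHost), normalize(domainAttr));
}

// Corrected behaviour: a Domain attribute that is a public suffix is refused
// unless the request host is exactly that suffix.
function strictAccept(requestHost, domainAttr) {
  const host = normalize(requestHost);
  const domain = normalize(domainAttr);
  if (!domainMatches(host, domain)) return false;
  if (PUBLIC_SUFFIXES.has(domain) && host !== domain) return false;
  return true;
}

// Constructed test cases: [request host, Domain attribute in Set-Cookie]
const cases = [
  ["site-a.co.uk", ".co.uk"],            // cookie scoped to a public suffix
  ["site-a.co.au", ".co.au"],            // cookie scoped to a public suffix
  ["www.site-a.co.uk", ".site-a.co.uk"], // legitimate parent-domain cookie
  ["site-a.co.uk", "site-b.co.uk"],      // unrelated domain, never accepted
];
for (const [host, attr] of cases) {
  console.log(host, attr, "naive:", naiveAccept(host, attr),
              "strict:", strictAccept(host, attr));
}
```

On the server side, issuing a fresh session identifier at login keeps a pre-set SID from ever becoming an authenticated one, regardless of how the browser scopes cookies.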

Currently, no updates are listed on the Apple Safari website.

See also:
National Vulnerability Database


