Mozilla 0.9.6 and previous versions and Netscape 6.2 and previous versions allows remote malicious users to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
mozilla mozilla 0.9.2 |
||
mozilla mozilla 0.9.2.1 |
||
netscape communicator 4.6 |
||
netscape communicator 4.61 |
||
netscape communicator 4.7 |
||
netscape communicator 4.72 |
||
netscape communicator 4.0 |
||
netscape communicator 4.06 |
||
netscape communicator 4.07 |
||
netscape communicator 4.08 |
||
netscape communicator 4.77 |
||
netscape communicator 4.78 |
||
netscape navigator 4.77 |
||
netscape navigator 6.0 |
||
mozilla mozilla 0.9.4 |
||
mozilla mozilla 0.9.5 |
||
netscape communicator 4.5 |
||
netscape communicator 4.51 |
||
netscape communicator 4.73 |
||
netscape communicator 4.75 |
||
netscape navigator 6.1 |
||
mozilla mozilla 0.9.3 |
||
mozilla mozilla 0.9.4.1 |
||
mozilla mozilla 0.9.6 |
||
netscape communicator 4.4 |
||
netscape communicator 4.5_beta |
||
netscape communicator 4.74 |
||
netscape communicator 4.76 |
||
netscape navigator 6.01 |
||
netscape navigator 6.2 |
Vulmon