Vulnerabilities > CVE-2007-3827 - Remote Security vulnerability in Firefox
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Mozilla Firefox allows for cookies to be set with a null domain (aka "domainless cookies"), which allows remote attackers to pass information between arbitrary domains and track user activity, as demonstrated by the domain attribute in the document.cookie variable in a javascript: window.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |