Balandar Posted January 29, 2002 Share Posted January 29, 2002 Netscape flaw leaves cookies unsecure By Sam Costello, IDG News Service (Jan. 29, 2002) A security flaw in Netscape Communications Corp.'s Navigator Web browser can let malicious Web site operators view the information stored in cookies on a user's computer, according to a security note published on Netscape's Web site. The vulnerability affects Navigator Versions 6 through 6.2, as well as Version 0.9.6 and earlier versions of the open-source version of Navigator, Mozilla, according to an analysis written by Marc Slemko, who discovered the bug. The bug can be exploited by causing users to visit a Web address inserted into HTML on a Web page or in an HTML-formatted e-mail, he wrote. If users were to view the malicious Web site, cookies could be stolen off their computer, Slemko said. Cookies are small data files used by many Web sites to track user visits, preferences and identity. If a cookie is readable, it can be used to impersonate the rightful owner of that cookie on a Web site. Netscape urges all users of Navigator 6 through 6.2 to upgrade to Version 6.2.1, which doesn't contain the flaw. Mozilla users should upgrade to Version 0.9.7, which also contains the fix. Netscape is based in in Mountain View, Calif. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.