A hole in the IE cookiejar

An important yet not disastrous security hole was found in Microsoft's Internet Explorer today. It seems that any site can read any cookie, exposing potentially harmful information. According to this site, you can use a "specially constructed URL" to confuse IE and grab a cookie that you're not supposed to get.

For example, we at TR could determine who of you have actually viewed playboy.com's latest pictorial with John "Daikatana" Romero's girlfriend - Killcreek.

Tip: You can use the A/Z keys to walk threads.
View options

No comments in this discussion yet.