CVE-2008-7297
Published at:
-
09-08-2011 09:55
Last modified:
-
06-10-2022 02:13
Total changes:
-
2
Description
Common Vulnerability Scoring System (CVSS)
Low
Attack complexity
Network
Attack vector
Low
Availability
None
Confidentiality
Low
Integrity
-
Privileges required
-
Scope
-
User interaction
5.8
Base score
8.6
4.9
Exploitability score
Impact score
Verification logic
Reference
- http://code.google.com/p/browsersec/wiki/Part2#Same-origin_policy_for_cookies
- http://scarybeastsecurity.blogspot.com/2008/11/cookie-forcing.html
- http://michael-coates.blogspot.com/2010/01/cookie-forcing-trust-your-cookies-no.html
- http://scarybeastsecurity.blogspot.com/2011/02/some-less-obvious-benefits-of-hsts.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=660053
Keywords