N/A

Microsoft Internet Explorer allows web sites to set cookies for domains that have a public suffix with more than one dot character, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking." NOTE: this issue may exist because of an insufficient fix for CVE-2004-0866.

N/A

N/A

Microsoft Internet Explorer 权限许可和访问控制问题漏洞

Microsoft Internet Explorer（IE）是美国微软（Microsoft）公司的一款Windows操作系统附带的Web浏览器。 Microsoft Internet Explorer 允许网站为具有公共后缀并多于一个dot字节的域来设置cookies，这会允许远程攻击者完成一个会话固定攻击和挟持一个用户的HTTP会话，又称"跨站Cooking"。 注意: 该漏洞可能因为CVE-2004-0866的补丁不足以解决问题而存在。

N/A

N/A