Re: Security: Cookies

An advisory recently about a cookie security problem :

A site can set a cookie which contains a script, then
open a frame on your cookie file thus executing the script with
the domain of your PC, able to parse HTML files and directories
on your PC.

Cookies were also mentioned in the "cross platform scripting
advisory" - which is really about web forums, chat rooms and
query scripts being able to attack other HTML forms on the same

Andrew Daviel
Deniable unless digitally signed.

Received on Friday, 28 April 2000 23:12:43 UTC