The Mac Observer

Skip navigational links

You're viewing an article in TMO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site:
Exploit May Cause Safari To Toss Its Cookies

Mac Security Alert - Exploit May Cause Safari To Toss Its Cookies

by , 1:00 PM EST, November 26th, 2003

The information technology security company, Secunia, has released an advisory about a vulnerability in Safari, Apple's Web browser. The exploit can be used remotely to trick the browser into sending a user's private cookie information for a website. Cookies are bits of information stored on a person's computer that are pertinent to that specific person. Their main purpose is to identify visitors so a certain Web site can be customized for them. From the Secunia advisory page:

A vulnerability has been reported in Apple Safari, which can be exploited by malicious people to steal a user's cookies. The vulnerability is caused due to an error when handling URLs. This can be exploited to disclose a user's cookie information for an arbitrary website by including a NULL character ("%00") in the URL. The vulnerability has been reported in versions 1.0 (v85) through 1.1 (v100.1).

The vulnerability carries a threat level of 4 on a scale of 1-5. That level is characterized by the existence of easy to exploit flaws, no solutions being available, no public awareness or workarounds requiring high technical skills, and the exploit being out "in the wild."

Secunia suggests using another browser to avoid being exposed to the security hazard.

Recent TMO Headlines - Updated May 24th

Tue, 11:13 PM
Apple Elevates Inclusion and Diversity to Ranks of Vice President
Tue, 8:30 PM
How to Use Instagram Archive to Hide Old Photos
Tue, 6:10 PM
How to Use New 1Password Travel Mode to Protect Your Data
Tue, 6:05 PM
There's a $399 3D Printer on Kickstarter
Tue, 4:59 PM
No PC Maker Can 'Go After' Apple MacBooks with Good Design
Tue, 4:27 PM
Samsung Galaxy S8 Iris Scanner Already Hacked
Tue, 3:00 PM
iOS 10: Disabling Slack Indexing Might Improve Spotlight Search - Here's How to Do It
Tue, 2:11 PM
Soverin Secure Email 1-Year Subscription: $10
Tue, 1:46 PM
IKEA Says Hello to HomeKit, Apple's Diversity Boss, Huawei Targets the MacBook - TMO Daily Observations 2017-05-23
Tue, 10:22 AM
IKEA is Making HomeKit Smart Lights Affordable for Everyone
Tue, 9:14 AM
Apple and Nokia Reach Agreement in Patent Licensing Dispute
Mon, 6:41 PM
Supreme Court Just Killed Marshall Texas Patent Troll Business
  • __________
  • Buy Stuff, Support TMO!
  • Podcast: Mac Geek Gab
  • Podcast: Apple Weekly Report
  • TMO on Twitter!