Session Fixation Vulnerability in Internet Explorer 6.0

Session Fixation Vulnerability in Internet Explorer 6.0

CVE-2004-0866 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.

Learn more about our Web App Pen Testing.