oval:org.mitre.oval:def:917

Definition Id: oval:org.mitre.oval:def:917

Oval ID:	oval:org.mitre.oval:def:917
Title:	Red Hat Enterprise 3 Mozilla Bypass Cookie Access Restrictions Vulnerability
Description:	Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2003-0594	Version:	2
Platform(s):	Red Hat Enterprise Linux 3	Product(s):
Definition Synopsis:
Red Hat Enterprise 3 is installed AND ix86 architecture AND mozilla-nss version is less than 1.4.2-3.0.2