Safari browser flaw: Session fixation attacks possible

Another day, another unpatched Safari browser vulnerability.

According to this flaw warning found on the NVD (National Vulnerability Database), Apple’s flagship browser is vulnerable to session fixation attacks because of the way it handles cookies in country-specific top-level domains.

[ SEE: Microsoft issues Safari-to-IE blended threat warning ]

Heise Security breaks down the attack vector:

Apple’s Safari web browser, when handling cookies in multipart top level domains (TLDs), contains a vulnerability that potentially allows attackers to access the web services used by the victim. Safari handles multipart TLDs like or differently from normal TLDs like .de or .com. According to a report, this allows attackers to inject the browser with a cookie which Safari will subsequently use for log-in authentication at other servers in the same TLD.

Alex “Kuza55,” a hacker who appeared at Microsoft’s Blue Hat summit, is credited with discovering this Safari vulnerability. It carries a CVSS Base Score of 6.8.

[Source: zdnet]