Cookies not safe in Netscape

News

Cookies not safe in Netscape

A security flaw in Netscape's Navigator Web browser can allow hackers to view the information stored in cookies on a user's computer, according to a security note published on Netscape's Web site.

The vulnerability affects Navigator versions 6.0 through to 6.2, as well as version 0.9.6 and earlier versions of the open source version of Navigator, Mozilla, according to an analysis written by Marc Slemko, who discovered the bug.

Slemko said the bug can be exploited by causing users to visit a Web address inserted into HTML code on a Web page or in an HTML-formatted e-mail. If the user were to view the malicious Web site, cookies could be stolen off the user's computer, Slemko said.

Cookies are small data files used by many Web sites to track user visits, preferences and identity. If a cookie is readable, it can be used to impersonate the rightful owner of that cookie on a Web site.

Netscape urges all users of Navigator 6 through 6.2 to upgrade to version 6.2.1 which does not contain the flaw. Mozilla users should upgrade to version 0.9.7, which also contains the fix.

Users can upgrade the Netscape browser at home.netscape.com/computing/download/index.html or Mozilla at www.mozilla.org

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy