Internet Explorer cookies leave you naked | The Register

Skip to content

Management:

News Tools

Reg Shops

Top Stories

Read more top stories

Related Whitepapers

The Perfect (Virtual) Marriage
Deduplication and VMware
Enforce Your Email and Web Acceptable Usage Policies
Not Just Words
Making Green IT a Reality
Customer Perspectives on the Impact of Storage Vendor Decisions on Power, Cooling, & Space in Enterprise Data Centers
Solution Brief: Reduce Energy Costs
With Green IT Solutions
Enabling the Data Center Metamorphosis
From Fixed To Fluid
Server Consolidation and Containment
With Virtual Infrastructure

The Register » Management »

Internet Explorer cookies leave you naked

Debugging closed-source apps sure takes time

By Thomas C Greene in Washington DC → More by this author

Published Friday 12th May 2000 09:49 GMT

Anyone who uses cookies for authentication or to store data like passwords could have that information exposed by Internet Explorer and intercepted by a malicious Web site, Peacefire.org reports.

Using a specially constructed URL, a third-party Web site can read Internet Explorer cookies from any domain, enabling the operator of a hostile Web site to break into a visitor's Hotmail account; visit Amazon.com impersonating that user and access their real name, e-mail address and list of 'recommended titles'; grab an MP3.com user's e-mail address, and so on, Peacefire contributors Bennett Haselton and Jamie McCarthy say.

All versions of IE for Windows are affected, but versions for Unix and Mac are not, nor is Netscape, the article says. Users of IE for Windows are urged to disable JavaScript until the world-class innovators in Redmond noodle out a proper fix.

The Peacefire site includes a demonstration which will display cookie data for other domains to which you're logged in another browser window. ®

Free whitepaper: Eliminating the Security Risk of Sending Confidential Information by Email

Track this type of story as a custom Atom/RSS feed or by email.

Post to Slashdot

Add to del.icio.us

Previous Article

From small embedded OS to the world's most used open mobile OS

whitepaper title

The Perfect (Virtual) Marriage

Get consistent virtual machine storage savings of 50% (often as high as 90%) with virtually no performance impact with NetApp deduplication..

whitepaper title

Enforce Your Email and Web Acceptable Usage Policies

Unmanaged employee use of email and the web can subject any organization to costly risks. Learn how clearly written Email and Web Acceptable Usage Policies (AUPs) can protect your business.

Whitepapers	Jobs
What Every E-Business Should Know about SSL Security and Consumer Trust Protecting Online Customers from Man-in-the-Middle Attacks The Impact of Software-As-A-Service (Saas) Strategies for Deploying Blade Servers in Existing Data Centers [WP125]	Perl Kung Foo Artist (mod_perl web engineer) mod-Perl Developer Sr Perl Developer (Team Lead) Perl/Financial Application Developers Programmer/Developer

Top 20 stories • All The Week’s Headlines • Archive • Search