VYPR
Unrated severityNVD Advisory· Published Jul 14, 2008· Updated Jun 16, 2026

CVE-2008-3170

CVE-2008-3170

Description

Apple Safari allows web sites to set cookies for country-specific top-level domains, such as co.uk and com.au, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking," a related issue to CVE-2004-0746, CVE-2004-0866, and CVE-2004-0867.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Apple Inc./Safari2 versions
    cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.