Unrated severityNVD Advisory· Published Jul 14, 2008· Updated Jun 16, 2026
CVE-2008-3170
CVE-2008-3170
Description
Apple Safari allows web sites to set cookies for country-specific top-level domains, such as co.uk and com.au, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking," a related issue to CVE-2004-0746, CVE-2004-0866, and CVE-2004-0867.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
9- www.us-cert.gov/cas/techalerts/TA08-350A.htmlnvdUS Government Resource
- kuza55.blogspot.com/2008/07/some-random-safari-notes.htmlnvd
- lists.apple.com/archives/security-announce//2008//Dec/msg00000.htmlnvd
- secunia.com/advisories/31128nvd
- support.apple.com/kb/HT3338nvd
- www.securityfocus.com/bid/30192nvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2008/3444nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/43839nvd
News mentions
0No linked articles in our index yet.