CVE-2002-2314

Mozilla 1.0 - Cookie Theft via JavaScript URL with Leading Slashes and Newline

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-2314. PoCs published by Andreas Sandblad.

AI-analyzed exploit summary This exploit leverages a vulnerability in Mozilla browsers where a crafted javascript: URL can bypass domain restrictions to access cookies from arbitrary domains. The PoC demonstrates stealing a Google cookie by embedding malicious JavaScript in an iframe.

Description

Mozilla 1.0 allows remote attackers to steal cookies from other domains via a javascript: URL with a leading "//" and ending in a newline, which causes the host/path check to fail.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Andreas Sandblad · textremotemultiple

https://www.exploit-db.com/exploits/21638

View Code ZIP pw:eip

This exploit leverages a vulnerability in Mozilla browsers where a crafted javascript: URL can bypass domain restrictions to access cookies from arbitrary domains. The PoC demonstrates stealing a Google cookie by embedding malicious JavaScript in an iframe.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Mozilla Browser (versions affected in 2002)

No auth needed

Prerequisites: Victim must have a session cookie for the targeted domain (e.g., Google) · Victim must visit a malicious page hosting the exploit

MITRE ATT&CK