CVE-2013-6167
Firefox < 27.0 - Cross-Site Request Forgery via Malformed Cookie Header
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2013-6167. PoCs published by anonymous.
AI-analyzed exploit summary The exploit describes a denial-of-service vulnerability in Mozilla Firefox due to improper input validation, allowing injection of special characters into local cookie storage. This causes targeted websites to respond with errors, leading to a DoS condition.
Description
Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
Exploits (1)
The exploit describes a denial-of-service vulnerability in Mozilla Firefox due to improper input validation, allowing injection of special characters into local cookie storage. This causes targeted websites to respond with errors, leading to a DoS condition.