Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0514


Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0514
Last Modified 05 Sep 2008 04:34:31
Published 15 Apr 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.

Vulnerable Systems


  • Apple Safari 1.0

  • Apple Safari 1.1


FULLDISC - 20040310 Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue

Last Updated: 27 May 2016 10:37:56