Fedora Account System
Red Hat Associate
Red Hat Customer
Mozilla security researcher David Chan reported that cookies set for example.com. (note the trailing dot) and example.com were treated as interchangeable. This is a violation of same-origin conventions and could potentially lead to leakage of cookie data to the wrong party. This issue did not affect Firefox 4 or newer products.
Public now via: [1] http://www.mozilla.org/security/announce/2011/mfsa2011-24.html
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Via RHSA-2011:0887 https://rhn.redhat.com/errata/RHSA-2011-0887.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2011:0886 https://rhn.redhat.com/errata/RHSA-2011-0886.html
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Via RHSA-2011:0888 https://rhn.redhat.com/errata/RHSA-2011-0888.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 4 Via RHSA-2011:0885 https://rhn.redhat.com/errata/RHSA-2011-0885.html