Re: the other IE cookie stealing bug (MS01-055)

[CDE Francis <fuy () jhu edu>]

At 8:44 PM -0800 2001/11/14, Marc Slemko wrote:
>         http://passport.com%20.sub.znep.com/cgi-bin/cookies
>    ...will cause IE to connect to the hostname specified, but send the
>    cookies to the server based on the hostname before the "%20"

Once again, I'd like to point out that IE 5 Mac (OS 8/9 or X) is not
 vulnerable to this attack. Please remember that IE != Windows.  :-p

-F.