CVE-2004-0866

Name of the Vulnerable Software and Affected Versions: Internet Explorer version 6.0

Description: The issue allows web sites to set cookies for country-specific top-level domains, which could enable remote attackers to perform a session fixation attack and hijack a user's HTTP session.

Recommendations: For Internet Explorer version 6.0, consider disabling the ability to set cookies for country-specific top-level domains as a temporary workaround until a patch is available. Restrict access to sensitive information to minimize the risk of session hijacking.