Iliwoy

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 41.0.2272.76 Opera (affected versions not specified) **Description** The issue arises from improper handling of a 407 HTTP status code accompanied by a Set-Cookie header in the net/http/proxy client socket.cc component. This allows remote proxy servers to conduct cookie-injection attacks via a crafted response. The vulnerability can be exploited by a remote proxy server to inject cookies using a specially formed response. **Recommendations** For Google Chrome versions prior to 41.0.2272.76, update to version 41.0.2272.76 or later to resolve the issue. For Opera, at the moment, there is no information about a newer version that contains a fix for this vulnerability.