Apple Safari Web Browser Null Character Cookie Stealing Vulnerability

Apple Safari Web Browser Null Character Cookie Stealing Vulnerability

Solution:
Apple has released an advisory (APPLE-SA-2003-12-05) and fixes to address this issue. Please see referenced advisory for further details. Fixes are linked below.

Apple has released a Security Update to address this vulnerability:

Apple Safari 1.0

Apple SecurityUpd2003-12-05Jag.dmg
http://download.info.apple.com/Mac_OS_X/061-0935.20031205.cft4r/2Z/Sec urityUpd2003-12-05Jag.dmg

Apple Safari 1.1

Apple SecurityUpd2003-12-05Jag.dmg
http://download.info.apple.com/Mac_OS_X/061-0935.20031205.cft4r/2Z/Sec urityUpd2003-12-05Jag.dmg

Apple Mac OS X 10.2.8

Apple SecurityUpd2003-12-05Jag.dmg
http://download.info.apple.com/Mac_OS_X/061-0935.20031205.cft4r/2Z/Sec urityUpd2003-12-05Jag.dmg

Apple Mac OS X Server 10.2.8

Apple SecurityUpd2003-12-05Jag.dmg
http://download.info.apple.com/Mac_OS_X/061-0935.20031205.cft4r/2Z/Sec urityUpd2003-12-05Jag.dmg

Apple Mac OS X 10.3.1

Apple SecurityUpd2003-12-05.dmg
http://download.info.apple.com/Mac_OS_X/061-0970.20031205.Z2w34/2Z/Sec urityUpd2003-12-05.dmg

Apple Mac OS X Server 10.3.1

Apple SecurityUpd2003-12-05.dmg
http://download.info.apple.com/Mac_OS_X/061-0970.20031205.Z2w34/2Z/Sec urityUpd2003-12-05.dmg