COMMAND

    netscape

SYSTEMS AFFECTED

    Those running netscape

PROBLEM

    Oliver Lineham found following.   You may recall the discovery  in
    December  of  a  cookie  bug  affecting  virtually  all   browsers
    (including Netscape), relating  to the cookie  domain restriction.
    To refresh memory, take a look at this site or original one:

        http://homepages.paradise.net.nz/~glineham/cookiemonster.html

    Two points with regards to Netscape/Mozilla:

    1)  The  bug report page  on netscape.com claims  that the bug  is
        fixed from v4.51

        http://help.netscape.com/kb/client/981231-1.html

        This is a lie (see for yourself)

    2)  Netscape/Mozilla decided  against fixing  this security  hole,
        because it  would break  Yahoo Mail  - who  uses sloppy cookie
        code.   Rather  than  notifying  Yahoo,  the  fix  was  simply
        dropped.

    All Netscape browsers,  past, present, and  future, have the  bug.
    You can read the  (lengthy) discussion amongst Netscape  engineers
    on this issue, on

        http://bugzilla.mozilla.org/show_bug.cgi?id=8743

    (contains both Bugzilla and Bugsplat comments)

SOLUTION

    As an aside, versions of IE released since Microsoft was notified,
    do not exhibit this bug.