GEN:SID 1:1841
Message WEB-CLIENT Javascript URL host spoofing attempt
Summary This event is generated when a client on the protected network has
possibly visited a website containing malicious javascript code.
Impact Minimal
Detailed Information Certain versions of Mozilla and Netscape may allow script code to access
local cookie data.

By accessing a maliciously coded webpage, a users cookie data from any
domain may be viewed by the website's administrator.
Affected Systems Mozilla versions prior to 1.0.1
    Netscape versions prior to 6.2.1
Attack Scenarios A devious website admin creates a webpage with malicious code and
obtains sensitive cookie data from a visiting user's web browser about
any domain he wishes.
Ease of Attack Simple
Corrective Action Upgrade to the latest non-affected version of the software.
Additional References Bugtraq:
http://www.securityfocus.com/bid/5293
Rule References bugtraq: 5293