Cookie Jar Overflow
The browsers have a limit on the number of cookies that they can store for a page. Then, if for some reason you need to make a cookie disappear, you can overflow the cookie jar as the oldest ones will be deleted before:
Notice, that third party cookies pointing to a different domain won't be overwritten.
This attack can also be used to overwrite HttpOnly cookies as you can delete it and then reset it with the value you want.
Check this in this post with a lab.
Last updated