CVE-2015-1089

2015-04-10T14:59:00
ID CVE-2015-1089
Type cve
Reporter cve@mitre.org
Modified 2017-01-03T02:59:00

Description

CFNetwork in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not properly handle cookies during processing of redirects in HTTP responses, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.