CVE-2015-5860

2015-09-18T07:00:08
ID CVE-2015-5860
Type cve
Reporter NVD
Modified 2016-12-21T22:00:10

Description

The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which allows remote attackers to bypass the Safari private-browsing protection mechanism and track users via a crafted web site.