CVE-2015-7023

2015-10-23T17:59:55
ID CVE-2015-7023
Type cve
Reporter NVD
Modified 2016-12-23T21:59:36

Description

CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not properly consider the uppercase-versus-lowercase distinction during cookie parsing, which allows remote web servers to overwrite cookies via unspecified vectors.