Lucene search
AppleCVELIST:CVE-2014-1296HistoryApr 23, 2014 - 10:00 a.m.
CVE-2014-1296
2014-04-2310:00:00
apple
www.cve.org
CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header’s value, which allows remote attackers to bypass intended access restrictions by triggering the closing of a TCP connection during transmission of a header, as demonstrated by an HTTPOnly restriction.
Related
cve
cve
CVE-2014-1296
2014-04-23 11:52:59
prion
prion
Design/Logic Flaw
2014-04-23 11:52:00
nvd
nvd
CVE-2014-1296
2014-04-23 11:52:59
securityvulns
securityvulns
APPLE-SA-2014-05-15-2 iTunes 11.2
2014-05-29 00:00:00
iTunes security vulnerabilities
2014-05-29 00:00:00
APPLE-SA-2014-04-22-1 Security Update 2014-002
2014-05-04 00:00:00
nessus
nessus
Apple iTunes < 11.2 Multiple Vulnerabilities (credentialed check)
2014-05-16 00:00:00
iTunes for Windows < 11.2 Multiple Vulnerabilities
2015-07-19 00:00:00
Apple iTunes < 11.2 Multiple Vulnerabilities (uncredentialed check)
2014-05-16 00:00:00
openvas
openvas
Apple Mac OS X Denial of Service And Access Bypass Vulnerability
2016-11-17 00:00:00
Apple Mac OS X Multiple Vulnerabilities-03 (Nov 2016)
2016-11-17 00:00:00
Apple Mac OS X Multiple Vulnerabilities-02 (Nov 2016)
2016-11-17 00:00:00