Lucene search
AppleCVELIST:CVE-2015-5824HistorySep 18, 2015 - 10:00 a.m.
CVE-2015-5824
2015-09-1810:00:00
apple
www.cve.org
The NSURL implementation in the CFNetwork SSL component in Apple iOS before 9 does not properly verify X.509 certificates from SSL servers after a certificate change, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
References
lists.apple.com/archives/security-announce/2015/Sep/msg00001.html
lists.apple.com/archives/security-announce/2015/Sep/msg00005.html
lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
www.securityfocus.com/bid/76764
www.securitytracker.com/id/1033609
support.apple.com/HT205212
support.apple.com/HT205213
support.apple.com/HT205267
Related
prion
prion
Information disclosure
2015-09-18 10:59:00
nvd
nvd
CVE-2015-5824
2015-09-18 10:59:43
cve
cve
CVE-2015-5824
2015-09-18 10:59:43
securityvulns
securityvulns
APPLE-SA-2015-09-21-1 watchOS 2
2015-10-05 00:00:00
Apple watchOS security vulnerabilities
2015-10-25 00:00:00
APPLE-SA-2015-09-16-1 iOS 9
2015-10-05 00:00:00
nessus
nessus
Mac OS X < 10.11 Multiple Vulnerabilities (GHOST)
2015-10-05 00:00:00