Lucene search
PRIOn knowledge basePRION:CVE-2015-5824HistorySep 18, 2015 - 10:59 a.m.
Information disclosure
2015-09-1810:59:00
PRIOn knowledge base
www.prio-n.com
3
The NSURL implementation in the CFNetwork SSL component in Apple iOS before 9 does not properly verify X.509 certificates from SSL servers after a certificate change, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
References
lists.apple.com/archives/security-announce/2015/Sep/msg00001.html
lists.apple.com/archives/security-announce/2015/Sep/msg00005.html
lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
www.securityfocus.com/bid/76764
www.securitytracker.com/id/1033609
support.apple.com/HT205212
support.apple.com/HT205213
support.apple.com/HT205267
Related
nvd
nvd
CVE-2015-5824
2015-09-18 10:59:43
cve
cve
CVE-2015-5824
2015-09-18 10:59:43
cvelist
cvelist
CVE-2015-5824
2015-09-18 10:00:00
securityvulns
securityvulns
APPLE-SA-2015-09-21-1 watchOS 2
2015-10-05 00:00:00
Apple watchOS security vulnerabilities
2015-10-25 00:00:00
APPLE-SA-2015-09-16-1 iOS 9
2015-10-05 00:00:00
nessus
nessus
Mac OS X < 10.11 Multiple Vulnerabilities (GHOST)
2015-10-05 00:00:00