CVE-2016-4708

CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 misparses the Set-Cookie header, which allows remote attackers to obtain sensitive information via a crafted HTTP response...

CVE-2016-4707

CFNetwork in Apple iOS before 10 and OS X before 10.12 mishandles Local Storage deletion, which allows local users to discover the visited web sites of arbitrary users via unspecified vectors...

Information disclosure

CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 misparses the Set-Cookie header, which allows remote attackers to obtain sensitive information via a crafted HTTP response...

CVE-2016-4707

CFNetwork in Apple iOS before 10 and OS X before 10.12 mishandles Local Storage deletion, which allows local users to discover the visited web sites of arbitrary users via unspecified vectors...

CVE-2016-4708

CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 misparses the Set-Cookie header, which allows remote attackers to obtain sensitive information via a crafted HTTP response...

CVE-2016-4707

CVE-2016-4707 affects CFNetwork in Apple iOS <10 and macOS

CVE-2016-4708

CVE-2016-4708 affects CFNetwork across Apple platforms (iOS before 10, OS X before 10.12, tvOS before 10, watchOS before 3). Root cause: input parsing/validation flaw in the Set-Cookie header handling that can disclose sensitive information via a crafted HTTP response. Impact: information disclos...

CVE-2016-4707

CFNetwork in Apple iOS before 10 and OS X before 10.12 mishandles Local Storage deletion, which allows local users to discover the visited web sites of arbitrary users via unspecified vectors...

macOS < 10.12 Multiple Vulnerabilities

The remote host is running a version of Mac OS X that is prior to 10.10.5, 10.11.x prior to 10.11.6, or is not macOS 10.12. It is, therefore, affected by multiple vulnerabilities in the following components : - apache - apachemodphp - Apple HSSPI Support - AppleEFIRuntime - AppleMobileFileIntegri...

The vulnerability of the Mac OS X operating system, which allows a perpetrator to obtain confidential information

The vulnerability of the CFNetwork component in the Mac OS X operating system is related to the use of weak permissions for cookie files in web browsers. Exploiting this vulnerability could allow an intruder, operating locally, to obtain confidential information using indefinite vectors...

About the security content of tvOS 10

About the security content of tvOS 10 This document describes the security content of tvOS 10. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent...

Apple OS X CFNetwork Information Disclosure Vulnerability

Apple OS X is a specialized operating system developed for Mac computers. Apple OS X's CFNetwork uses weak privileges on web-browser cookies. A local attacker could exploit this vulnerability to obtain sensitive information...

CVE-2016-4645

CFNetwork in Apple OS X before 10.11.6 uses weak permissions for web-browser cookies, which allows local users to obtain sensitive information via unspecified vectors...

Information disclosure

CFNetwork in Apple OS X before 10.11.6 uses weak permissions for web-browser cookies, which allows local users to obtain sensitive information via unspecified vectors...

CVE-2016-4645

CVE-2016-4645 affects CFNetwork in macOS OS X prior to 10.11.6. The issue is a permissions problem in web browser cookies, allowing a local user to obtain sensitive information via unspecified vectors. The vulnerability is documented in Apple’s security content for OS X El Capitan v10.11.6 and Se...

The vulnerability of the iTunes software allows a malicious individual to compromise the confidentiality of protected information.

The vulnerability exists in CFNetwork in Apple’s iOS, OS X, and Apple TV. It stems from the lack of checks for the completeness of the HTTP cookie header before its values are interpreted. Exploiting this vulnerability allows malicious actors to circumvent access restrictions by closing the TCP...

Vulnerabilities of iOS and Mac OS X operating systems, allowing attackers to obtain confidential information

The vulnerability of the CFNetwork Proxies subsystem in iOS and Mac OS X systems exists due to incorrect URL addresses in http and https requests. Exploiting this vulnerability can allow a malicious actor to obtain confidential information remotely...

Mac OS X 10.9.5 or later < 10.11.1 Multiple Vulnerabilities

Binary data 9324.prm...

Apple iOS < 9.1 Multiple Vulnerabilities

Binary data 9328.prm...

Apple iOS/tvOS and OS X El Capitan CFNetwork Proxies Information Disclosure Vulnerability

Apple iOS, watchOS, OS X El Capitan, and tvOS are products of Apple Inc. Apple iOS is an operating system for mobile devices; watchOS is a smartwatch operating system; and OS X El Capitan is a specialized operating system for Mac computers. tvOS is a smart TV operating system; tvOS is a smart TV...