CVE-2016-1801

The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 mishandles URLs in http and https requests, which allows remote attackers to obtain sensitive information via unspecified vectors...

CVE-2016-1801

The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 mishandles URLs in http and https requests, which allows remote attackers to obtain sensitive information via unspecified vectors...

Design/Logic Flaw

The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 mishandles URLs in http and https requests, which allows remote attackers to obtain sensitive information via unspecified vectors...

CVE-2016-1801

CVE-2016-1801 affects Apple CFNetwork Proxies in iOS (before 9.3.2), OS X (before 10.11.5), and tvOS (before 9.2.1). The vulnerability is an information leak in the handling of HTTP/HTTPS requests, allowing a privileged network-position attacker to obtain sensitive user data through URL handling....

CVE-2016-1801

The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 mishandles URLs in http and https requests, which allows remote attackers to obtain sensitive information via unspecified vectors...

CVE-2015-7094

CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL...

Design/Logic Flaw

CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL...

CVE-2015-7094

CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL...

Mac OS X Multiple Vulnerabilities (Security Updates 2015-005 / 2015-008)

The remote host is running a version of Mac OS X 10.9.5 or 10.10.5 that is missing Security Update 2015-005 or 2015-008. It is, therefore, affected by multiple vulnerabilities in the following components : - apachemodphp - AppSandbox - Bluetooth - CFNetwork HTTPProtocol - Compression -...

Mac OS X 10.11.x < 10.11.2 Multiple Vulnerabilities

The remote host is running a version of Mac OS X that is 10.11.x prior to 10.11.2. It is, therefore, affected by multiple vulnerabilities in the following components : - apachemodphp - AppSandbox - Bluetooth - CFNetwork HTTPProtocol - Compression - Configuration Profiles - CoreGraphics - CoreMedi...

Apple iOS < 9.2 Multiple Vulnerabilities

Binary data appleios92check.nbin...

Apple iOS CFNetwork HTTPProtocol Component Vulnerability

Apple iOS is an operating system for mobile devices developed by Apple Inc. The CFNetwork HTTPProtocol is one of the components used to send requests to create simple instances. A security vulnerability exists in the CFNetwork HTTPProtocol component in versions of Apple iOS prior to 9, which stem...

CVE-2015-5859

The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not properly recognize the HSTS preload list during a Safari private-browsing session, which makes it easier for remote attackers to obtain sensitive information by sniffing the network...

Hardcoded credentials

The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not properly recognize the HSTS preload list during a Safari private-browsing session, which makes it easier for remote attackers to obtain sensitive information by sniffing the network...

CVE-2015-5859

The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not properly recognize the HSTS preload list during a Safari private-browsing session, which makes it easier for remote attackers to obtain sensitive information by sniffing the network...

CVE-2015-5859

The CVE-2015-5859 entry concerns Apple’s CFNetwork HTTPProtocol component in iOS (pre-9) and OS X (pre-10.11). The connected CNVD/NVD records describe a vulnerability where the CFNetwork HTTPProtocol fails to correctly recognize the HSTS preload list during a Safari private-browsing session, pote...

Apple iOS CFNetwork cookie改写漏洞

No description provided by source...

Apple iOS CFNetwork cookie rewriting vulnerability

iOS is an operating system developed by Apple for mobile devices. A rewrite vulnerability exists in the Apple iOS CFNetwork cookie. An attacker can exploit this vulnerability to rewrite cookie values via a remote web server...

Mac OS X < 10.11 Multiple Vulnerabilities

Binary data 8982.prm...

APPLE-SA-2015-10-21-1 iOS 9.1

APPLE-SA-2015-10-21-1 iOS 9.1 iOS 9.1 is now available and addresses the following: Accelerate Framework Available for: iPhone 4s and later, iPod touch 5th generation and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A...