CVE-2015-1089

CFNetwork in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not properly handle cookies during processing of redirects in HTTP responses, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities (FREAK)

The remote host is running a version of Mac OS X 10.10.x that is prior to 10.10.3. It is, therefore, affected multiple vulnerabilities in the following components : - Admin Framework - Apache - ATS - Certificate Trust Policy - CFNetwork HTTPProtocol - CFNetwork Session - CFURL - CoreAnimation -...

Apple Mac OS X Cross-Domain HTTP Request Header Authentication Credentials Disclosure Vulnerability

Apple Mac OS X is an operating system developed by Apple Inc. A cross-domain HTTP request header validation credential disclosure vulnerability exists in Apple Mac OS X CFNetwork Session Handling Redirection, which allows attackers to exploit the vulnerability to obtain sensitive information...

Apple iOS < 8.3 Multiple Vulnerabilities

Binary data appleios83check.nbin...

Apple iOS 8.3 Includes Long List of Security Fixes

Apple has released iOS 8.3, a major security upgrade for iPhone and iPad users that includes patches for more than three dozen vulnerabilities. The new version of iOS has security fixes for several vulnerabilities in the mobile operating system’s kernel, a handful of code-execution bugs and a lon...

APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004 OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address the following: Admin Framework Available for: OS X Yosemite v10.10 to v10.10.2 Impact: A process may gain...

Apple Mac OS X/iOS CFNetwork HTTPProtocol Cross Domain COOKIE Disclosure Vulnerability

Apple Mac OS X is an operating system developed by Apple Inc. Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A cross-domain COOKIE disclosure vulnerability in the Apple Mac OS X/iOS CFNetwork HTTPProtocol handling redirection allows attackers to explo...

Mac OS X < 10.10.3 Multiple Vulnerabilities

Binary data 8672.prm...

APPLE-SA-2015-01-27-4 OS X 10.10.2 and Security Update 2015-001

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-01-27-4 OS X 10.10.2 and Security Update 2015-001 OS X 10.10.2 and Security Update 2015-001 are now available and address the following: AFP Server Available for: OS X Mavericks v10.9.5 Impact: A remote attacker may be able to determine...

Mac OS X 10.10.x < 10.10.2 Multiple Vulnerabilities (POODLE)

The remote host is running a version of Mac OS X 10.10.x that is prior to version 10.10.2. This update contains several security-related fixes for the following components : - bash - Bluetooth - CFNetwork Cache - CommerceKit Framework - CoreGraphics - CoreSymbolication - CPU Software - FontParser...

APPLE-SA-2014-11-17-1 iOS 8.1.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-11-17-1 iOS 8.1.1 iOS 8.1.1 is now available and addresses the following: CFNetwork Available for: iPhone 4s and later, iPod touch 5th generation and later, iPad 2 and later Impact: Website cache may not be fully cleared after leaving...

APPLE-SA-2014-11-17-2 OS X Yosemite 10.10.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-11-17-2 OS X Yosemite 10.10.1 OS X 10.10.1 is now available and addresses the following: CFNetwork Available for: OS X Yosemite v10.10 Impact: Website cache may not be fully cleared after leaving private browsing Description: A privacy...

CVE-2014-4460

CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive information by reading cache files...

Design/Logic Flaw

CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive information by reading cache files...

CVE-2014-4460

CVE-2014-4460 affects CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1. The root issue is that private-browsing transitions do not properly clear the browsing cache, enabling physically proximate attackers to read cached data. The vulnerability is tracked publicly with a low CVSS score...

CVE-2014-4460

CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive information by reading cache files...

Mac OS X 10.10.x < 10.10.1 Multiple Vulnerabilities

The remote host is running a version of Mac OS X 10.10.x that is prior to version 10.10.1. This update contains several security-related fixes for the following components : - CFNetwork - Spotlight - System Profiler About This Mac - WebKit Note that successful exploitation of the most serious of...

Apple iTunes < 11.2 Multiple Vulnerabilities (uncredentialed check)

The version of Apple iTunes running on the remote host is prior to version 11.2. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the CFNetwork HTTPProtocol due to a failure to properly ensure that a Set-Cookie HTTP header is complete before interpreting the header's...

Apple iTunes < 11.2 Multiple Vulnerabilities (credentialed check)

The version of Apple iTunes installed on the remote host is prior to version 11.2. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the CFNetwork HTTPProtocol due to a failure to properly ensure that a Set-Cookie HTTP header is complete before interpreting the header's...

APPLE-SA-2014-04-22-1 Security Update 2014-002

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-04-22-1 Security Update 2014-002 Security Update 2014-002 is now available and addresses the following: CFNetwork HTTPProtocol Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2...