3 matches found
APPLE-SA-2015-09-21-1 watchOS 2
APPLE-SA-2015-09-21-1 watchOS 2 watchOS 2 is now available and addresses the following: Apple Pay Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Some cards may allow a terminal to retrieve limited recent transaction information when making a payment Description: Th...
CVE-2015-5841
The CFNetwork Proxies component in Apple iOS before 9 does not properly handle a Set-Cookie header within a response to an HTTP CONNECT request, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response...
CVE-2015-5841
CVE-2015-5841 concerns the CFNetwork Proxies component on macOS/iOS. Root cause: improper handling of a Set-Cookie header in HTTP CONNECT responses, enabling a remote proxy to inject cookies via a crafted response. Public references in Apple advisories show mitigation by removing the Set-Cookie h...