CVE-2015-6997
CVE-2015-6997 affects Apple iOS up to 9.0.x where the X.509 certificate-trust validation did not recognize that kSecRevocationRequirePositiveResponse requires revocation checking. This allowed a MITM attacker with revoked certificate access to spoof endpoints. The issue was addressed in iOS 9.1 b...