3 matches found
CVE-2016-4642
CVE-2016-4642 affects CFNetwork Proxies in iOS 9.3.3 and later, tvOS 9.2.2, and OS X El Capitan 10.11.6/Security Update 2016-004. The flaw: proxy authentication incorrectly reported HTTP proxies received credentials securely, with an impact described as possible leakage of sensitive user informat...
CVE-2016-4643
CVE-2016-4643 affects Apple iOS (prior to 9.3.3), tvOS (prior to 9.2.2) and OS X El Capitan (prior to 10.11.6 and Security Update 2016-004). Root cause: a validation issue in the parsing of HTTP 407 responses within CFNetwork Proxies. Consequence (as stated by Apple and CVE references): an attack...
CVE-2016-4644
In CVE-2016-4644, Apple iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6/ Security Update 2016-004 have a downgrade issue where HTTP authentication credentials saved in Keychain could be compromised. The underlying problem was mitigated by storing the authentication types ...