Security Advisory

CVE-2015-7023

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-10-23 21:00:00

Last updated 2024-08-06 07:36:35

Assigner apple

State PUBLISHED

Description

CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not properly consider the uppercase-versus-lowercase distinction during cookie parsing, which allows remote web servers to overwrite cookies via unspecified vectors.

← Browse all CVEs View on cve.org ↗