CVE-2015-7023

Publication date

2015-10-23 21:00:00

Family

apple

State

PUBLISHED

Description

CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not properly consider the uppercase-versus-lowercase distinction during cookie parsing, which allows remote web servers to overwrite cookies via unspecified vectors.