CVE-2015-5859

The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not properly recognize the HSTS preload list during a Safari private-browsing session, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Information

Published : 2015-11-21 19:59

Updated : 2015-11-30 11:50


NVD link : CVE-2015-5859

Mitre link : CVE-2015-5859


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

apple

  • mac_os_x
  • iphone_os