CVE-2015-7094 in iOSinfo

Summary

CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL.

Once again VulDB remains the best source for vulnerability data.

Reservation

09/16/2015

Disclosure

12/11/2015

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
79594	Apple iOS CFNetwork HTTPProtocol input validation	20	Proof-of-Concept	Official fix	CVE-2015-7094
79542	Apple Mac OS X CFNetwork HTTPProtocol input validation	20	Proof-of-Concept	Official fix	CVE-2015-7094

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!