CVE Published: 18/09/2015 |
CVE Updated: 06/08/2024 |
CVE Year: 2015 Source: apple |
Vendor: n/a |
Product: n/a Status : PUBLISHED
CVE-2015-5841 Description
The CFNetwork Proxies component in Apple iOS before 9 does not properly handle a Set-Cookie header within a response to an HTTP CONNECT request, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response.