CFNetwork in Apple Mac OS X 10.5 prior to 10.5.7 does not properly parse noncompliant Set-Cookie headers, which allows remote malicious users to obtain sensitive information by sniffing the network for "secure cookies" that are sent over unencrypted HTTP connections.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x 10.5.5 |
||
apple mac os x 10.5.6 |
||
apple mac os x server 10.5.4 |
||
apple mac os x 10.5.1 |
||
apple mac os x 10.5.3 |
||
apple mac os x server 10.5.1 |
||
apple mac os x server 10.5.3 |
||
apple mac os x 10.5 |
||
apple mac os x 10.5.2 |
||
apple mac os x 10.5.4 |
||
apple mac os x server 10.5.2 |
||
apple mac os x server 10.5.6 |