Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2015-3658
Description:The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to bypass CSRF protection mechanisms via a crafted web site.
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-3658
http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
http://lists.apple.com/archives/security-announce/2015/Jun/msg00004.html
BugTraq ID: 75492
http://www.securityfocus.com/bid/75492
http://www.securitytracker.com/id/1032754
SuSE Security Announcement: openSUSE-SU-2016:0915 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html
http://www.ubuntu.com/usn/USN-2937-1




© 1998-2024 E-Soft Inc. All rights reserved.