![]() ![]() The issue was addressed through improved handling of redirects. HTTP request headers sent in a redirect response could be passed on to another origin. Impact: Authentication credentials may be sent to a server on another originĭescription: A cross-domain HTTP request headers issue existed in redirect handling. The issue was address through improved handling of redirects. Cookies set in a redirect response could be passed on to a redirect target belonging to another origin. Impact: Cookies belonging to one origin may be sent to another originĭescription: A cross-domain cookie issue existed in redirect handling. Impact: Update to the certificate trust policyĭescription: The certificate trust policy was updated. These issues were addressed through improved input validation.ĬVE-2015-1131 : Ian Beer of Google Project ZeroĬVE-2015-1132 : Ian Beer of Google Project ZeroĬVE-2015-1133 : Ian Beer of Google Project ZeroĬVE-2015-1134 : Ian Beer of Google Project ZeroĬVE-2015-1135 : Ian Beer of Google Project Zero Impact: A local user may be able to execute arbitrary code with system privilegesĭescription: Multiple input validation issues existed in fontd. ![]() These issues were addressed by updating Apache to versions 2.4.10 and 2.2.29 Impact: Multiple vulnerabilities in Apacheĭescription: Multiple vulnerabilities existed in Apache versions prior to 2.4.10 and 2.2.29, including one that may allow a remote attacker to execute arbitrary code. ![]() This issue was addressed with improved entitlement checking.ĬVE-2015-1130 : Emil Kvarnhammar at TrueSecĪvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2 Impact: A process may gain admin privileges without properly authenticatingĭescription: An issue existed when checking XPC entitlements. Available for: OS X Yosemite v10.10 to v10.10.2 ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |