Back to search
CVE-2015-1067
Published: Mar 11, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
Secure Transport in Apple iOS before 8.2, Apple OS X through 10.10.2, and Apple TV before 7.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204 and CVE-2015-1637.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
73009
vdb-entry
x_refsource_BID
https://support.apple.com/HT204659
x_refsource_CONFIRM
https://support.apple.com/kb/HT204870
x_refsource_CONFIRM
APPLE-SA-2015-03-09-2
vendor-advisory
x_refsource_APPLE
1031829
vdb-entry
x_refsource_SECTRACK
1031830
vdb-entry
x_refsource_SECTRACK
APPLE-SA-2015-03-09-3
vendor-advisory
x_refsource_APPLE
https://support.apple.com/HT204426
x_refsource_CONFIRM
https://freakattack.com/
x_refsource_MISC
https://support.apple.com/HT204413
x_refsource_CONFIRM
APPLE-SA-2015-04-08-2
vendor-advisory
x_refsource_APPLE
APPLE-SA-2015-03-09-1
vendor-advisory
x_refsource_APPLE
https://support.apple.com/HT204423
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now