← back
CVE-2010-1834

CVE-2010-1834

EPSS 1.3%
CFNetwork in Apple Mac OS X 10.6.x before 10.6.5 does not properly validate the domains of cookies, which makes it easier for remote web servers to track users by setting a cookie that is associated with a partial IP address.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.htmlhttp://support.apple.com/kb/HT4435http://www.securitytracker.com/id?1024723