CVE-2009-0144

CVE-2009-0144 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

CFNetwork in Apple Mac OS X 10.5 before 10.5.7 does not properly parse noncompliant Set-Cookie headers, which allows remote attackers to obtain sensitive information by sniffing the network for "secure cookies" that are sent over unencrypted HTTP connections.

Learn more about our Network Penetration Testing.