URL Parsing Vulnerability in CFNetwork

URL Parsing Vulnerability in CFNetwork

CVE-2011-3246 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

CFNetwork in Apple iOS before 5.0.1 and Mac OS X 10.7 before 10.7.2 does not properly parse URLs, which allows remote attackers to trigger visits to unintended web sites, and transmission of cookies to unintended web sites, via a crafted (1) http or (2) https URL.

Learn more about our Cis Benchmark Audit For Apple Ios.