Unrated severityNVD Advisory· Published Mar 11, 2015· Updated Jun 17, 2026
CVE-2015-1067
CVE-2015-1067
Description
Secure Transport in Apple iOS before 8.2, Apple OS X through 10.10.2, and Apple TV before 7.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204 and CVE-2015-1637.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- Range: <7.1
- Range: <8.2
- Range: <=10.10.2
Patches
Vulnerability mechanics
References
13- freakattack.comnvdExploit
- lists.apple.com/archives/security-announce/2015/Apr/msg00001.htmlnvdVendor Advisory
- lists.apple.com/archives/security-announce/2015/Mar/msg00000.htmlnvdVendor Advisory
- lists.apple.com/archives/security-announce/2015/Mar/msg00001.htmlnvdVendor Advisory
- lists.apple.com/archives/security-announce/2015/Mar/msg00002.htmlnvdVendor Advisory
- www.securitytracker.com/id/1031829nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1031830nvdThird Party AdvisoryVDB Entry
- support.apple.com/HT204413nvdVendor Advisory
- support.apple.com/HT204423nvdVendor Advisory
- support.apple.com/HT204426nvdVendor Advisory
- support.apple.com/HT204659nvdVendor Advisory
- www.securityfocus.com/bid/73009nvd
- support.apple.com/kb/HT204870nvd
News mentions
0No linked articles in our index yet.