CVE-2015-1129 Information

Description

Apple Safari before 6.2.5 7.x before 7.1.5 and 8.x before 8.0.5 does not properly select X.509 client certificates which makes it easier for remote attackers to track users via a crafted web site.

Reference

http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://www.securitytracker.com/id/1032047 https://support.apple.com/HT204658 https://support.apple.com/HT205212