Llamakko_Cafe

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 10.3.2 Safari versions prior to 10.1.1 **Description** The issue involves the Safari component and allows remote attackers to cause a denial of service, resulting in an application crash. This can be achieved via a crafted web site that improperly interacts with the history menu. **Recommendations** For iOS versions prior to 10.3.2, update to version 10.3.2 or later. For Safari versions prior to 10.1.1, update to version 10.1.1 or later.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 9.2 Apple OS X versions prior to 10.11.2 **Description** The issue allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL, specifically affecting the CFNetwork HTTPProtocol. **Recommendations** For Apple iOS versions prior to 9.2, update to version 9.2 or later. For Apple OS X versions prior to 10.11.2, update to version 10.11.2 or later.