CVE-2016-7152

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned.

Description The issue concerns the HTTPS protocol and its interaction with web-browser configurations, particularly when third-party cookies are sent. This can be exploited by remote attackers to obtain cleartext data through a "HEIST" attack, which leverages the lack of consideration for the TCP congestion window in providing content length information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.