Apple · Ios · CVE-2015-5907
**Name of the Vulnerable Software and Affected Versions**
iOS versions prior to 9
**Description**
The issue is related to the mishandling of the resource cache of an SSL web site with an invalid X.509 certificate, allowing man-in-the-middle attackers to conduct redirection attacks. This is due to errors in cryptographic transformations, which can be exploited by a remote attacker to perform man-in-the-middle attacks because of errors in SSL certificate handling.
**Recommendations**
For iOS versions prior to 9, update to iOS 9 or later to resolve the issue.