The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.2 and is prone to a same origin policy bypass vulnerability. A flaw is present in the application, which fails to properly properly handle cookies during processing of redirects in HTTP responses. Successful exploitation allows attackers to bypass the Same Origin Policy via a crafted web site.