CVE

Id
39133  
CVE No.
CVE-2009-1698  
Status
Candidate  
Description
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.  
Phase
Assigned (20090520)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
429984 39133 CVE-2009-1698 BUGTRAQ:20090608 ZDI-09-032: Apple WebKit attr() Invalid Attribute Memory Corruption Vulnerability  View
429985 39133 CVE-2009-1698 URL:http://www.securityfocus.com/archive/1/archive/1/504173/100/0/threaded  View
429986 39133 CVE-2009-1698 BUGTRAQ:20090614 [TZO-37-2009] Apple Safari <v4 Remote code execution  View
429987 39133 CVE-2009-1698 URL:http://www.securityfocus.com/archive/1/archive/1/504295/100/0/threaded  View
429988 39133 CVE-2009-1698 MISC:http://www.zerodayinitiative.com/advisories/ZDI-09-032/  View
429989 39133 CVE-2009-1698 MISC:http://blog.zoller.lu/2009/05/advisory-apple-safari-remote-code.html  View
429990 39133 CVE-2009-1698 CONFIRM:http://support.apple.com/kb/HT3613  View
429991 39133 CVE-2009-1698 CONFIRM:http://support.apple.com/kb/HT3639  View
429992 39133 CVE-2009-1698 APPLE:APPLE-SA-2009-06-08-1  View
429993 39133 CVE-2009-1698 URL:http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html  View
429994 39133 CVE-2009-1698 APPLE:APPLE-SA-2009-06-17-1  View
429995 39133 CVE-2009-1698 URL:http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html  View
429996 39133 CVE-2009-1698 DEBIAN:DSA-1950  View
429997 39133 CVE-2009-1698 URL:http://www.debian.org/security/2009/dsa-1950  View
429998 39133 CVE-2009-1698 FEDORA:FEDORA-2009-8020  View
429999 39133 CVE-2009-1698 URL:https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html  View
430000 39133 CVE-2009-1698 FEDORA:FEDORA-2009-8039  View
430001 39133 CVE-2009-1698 URL:https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html  View
430002 39133 CVE-2009-1698 FEDORA:FEDORA-2009-8046  View
430003 39133 CVE-2009-1698 URL:https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html  View
430004 39133 CVE-2009-1698 FEDORA:FEDORA-2009-8049  View
430005 39133 CVE-2009-1698 URL:https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html  View
430006 39133 CVE-2009-1698 MANDRIVA:MDVSA-2009:330  View
430007 39133 CVE-2009-1698 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:330  View
430008 39133 CVE-2009-1698 REDHAT:RHSA-2009:1128  View
430009 39133 CVE-2009-1698 URL:http://www.redhat.com/support/errata/RHSA-2009-1128.html  View
430010 39133 CVE-2009-1698 SUSE:SUSE-SR:2011:002  View
430011 39133 CVE-2009-1698 URL:http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html  View
430012 39133 CVE-2009-1698 UBUNTU:USN-822-1  View
430013 39133 CVE-2009-1698 URL:http://www.ubuntu.com/usn/USN-822-1  View
430014 39133 CVE-2009-1698 UBUNTU:USN-857-1  View
430015 39133 CVE-2009-1698 URL:http://www.ubuntu.com/usn/USN-857-1  View
430016 39133 CVE-2009-1698 UBUNTU:USN-836-1  View
430017 39133 CVE-2009-1698 URL:http://www.ubuntu.com/usn/USN-836-1  View
430018 39133 CVE-2009-1698 BID:35260  View
430019 39133 CVE-2009-1698 URL:http://www.securityfocus.com/bid/35260  View
430020 39133 CVE-2009-1698 BID:35318  View
430021 39133 CVE-2009-1698 URL:http://www.securityfocus.com/bid/35318  View
430022 39133 CVE-2009-1698 OSVDB:55006  View
430023 39133 CVE-2009-1698 URL:http://osvdb.org/55006  View
430024 39133 CVE-2009-1698 OVAL:oval:org.mitre.oval:def:9484  View
430025 39133 CVE-2009-1698 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9484  View
430026 39133 CVE-2009-1698 SECTRACK:1022345  View
430027 39133 CVE-2009-1698 URL:http://securitytracker.com/id?1022345  View
430028 39133 CVE-2009-1698 SECUNIA:35379  View
430029 39133 CVE-2009-1698 URL:http://secunia.com/advisories/35379  View
430030 39133 CVE-2009-1698 SECUNIA:35588  View
430031 39133 CVE-2009-1698 URL:http://secunia.com/advisories/35588  View
430032 39133 CVE-2009-1698 SECUNIA:36057  View
430033 39133 CVE-2009-1698 URL:http://secunia.com/advisories/36057  View
430034 39133 CVE-2009-1698 SECUNIA:36062  View
430035 39133 CVE-2009-1698 URL:http://secunia.com/advisories/36062  View
430036 39133 CVE-2009-1698 SECUNIA:37746  View
430037 39133 CVE-2009-1698 URL:http://secunia.com/advisories/37746  View
430038 39133 CVE-2009-1698 SECUNIA:36790  View
430039 39133 CVE-2009-1698 URL:http://secunia.com/advisories/36790  View
430040 39133 CVE-2009-1698 SECUNIA:43068  View
430041 39133 CVE-2009-1698 URL:http://secunia.com/advisories/43068  View
430042 39133 CVE-2009-1698 VUPEN:ADV-2009-1522  View
430043 39133 CVE-2009-1698 URL:http://www.vupen.com/english/advisories/2009/1522  View
430044 39133 CVE-2009-1698 VUPEN:ADV-2009-1621  View
430045 39133 CVE-2009-1698 URL:http://www.vupen.com/english/advisories/2009/1621  View
430046 39133 CVE-2009-1698 VUPEN:ADV-2011-0212  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
40771 JVNDB-2009-001777 複数の Apple 製品における Location と History オブジェクトの処理に関するクロスサイトスクリプティングの脆弱性 複数の Apple 製品の WebKit には、Location と History オブジェクトの処理に問題があるため、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2009-1702 39133 4.3 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001777.html  View