WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
No history.
Information
Published : 2009-06-10 18:00
Updated : 2024-02-28 11:21
NVD link : CVE-2009-1698
Mitre link : CVE-2009-1698
CVE.ORG link : CVE-2009-1698
JSON object : View
Products Affected
apple
- iphone_os
- ipod_touch
- safari
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')