CVE-2009-1711

WebKit in Apple Safari before 4.0 does not properly initialize memory for Attr DOM objects, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document.
References
Link Resource
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html Patch Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://osvdb.org/55015
http://secunia.com/advisories/35379 Vendor Advisory
http://secunia.com/advisories/36790
http://secunia.com/advisories/37746
http://secunia.com/advisories/43068
http://securitytracker.com/id?1022345
http://support.apple.com/kb/HT3613 Patch Vendor Advisory
http://www.debian.org/security/2009/dsa-1950
http://www.securityfocus.com/bid/35260 Exploit Patch
http://www.securityfocus.com/bid/35310
http://www.ubuntu.com/usn/USN-836-1
http://www.ubuntu.com/usn/USN-857-1
http://www.vupen.com/english/advisories/2009/1522 Patch Vendor Advisory
http://www.vupen.com/english/advisories/2011/0212
https://exchange.xforce.ibmcloud.com/vulnerabilities/51265
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html Patch Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://osvdb.org/55015
http://secunia.com/advisories/35379 Vendor Advisory
http://secunia.com/advisories/36790
http://secunia.com/advisories/37746
http://secunia.com/advisories/43068
http://securitytracker.com/id?1022345
http://support.apple.com/kb/HT3613 Patch Vendor Advisory
http://www.debian.org/security/2009/dsa-1950
http://www.securityfocus.com/bid/35260 Exploit Patch
http://www.securityfocus.com/bid/35310
http://www.ubuntu.com/usn/USN-836-1
http://www.ubuntu.com/usn/USN-857-1
http://www.vupen.com/english/advisories/2009/1522 Patch Vendor Advisory
http://www.vupen.com/english/advisories/2011/0212
https://exchange.xforce.ibmcloud.com/vulnerabilities/51265
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:safari:*:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:0.8:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:0.9:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:1.0:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:1.0.3:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:1.1:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:1.2:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:1.3:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:1.3.1:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:1.3.2:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.2:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.4:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.2:-:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.3:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.4:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:3.1:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:3.1.1:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:3.1.2:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:3.2.1:*:mac:*:*:*:*:*
cpe:2.3:a:apple:safari:3.2.3:*:mac:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:apple:safari:*:*:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0:*:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.1:*:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.2:*:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.3:*:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.4:*:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.1:*:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.1.1:*:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.1.2:*:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.2:*:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.2.1:*:windows:*:*:*:*:*
cpe:2.3:a:apple:safari:3.2.2:*:windows:*:*:*:*:*

History

21 Nov 2024, 01:03

Type Values Removed Values Added
References () http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html - Patch, Vendor Advisory () http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html - Patch, Vendor Advisory
References () http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html - () http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html -
References () http://osvdb.org/55015 - () http://osvdb.org/55015 -
References () http://secunia.com/advisories/35379 - Vendor Advisory () http://secunia.com/advisories/35379 - Vendor Advisory
References () http://secunia.com/advisories/36790 - () http://secunia.com/advisories/36790 -
References () http://secunia.com/advisories/37746 - () http://secunia.com/advisories/37746 -
References () http://secunia.com/advisories/43068 - () http://secunia.com/advisories/43068 -
References () http://securitytracker.com/id?1022345 - () http://securitytracker.com/id?1022345 -
References () http://support.apple.com/kb/HT3613 - Patch, Vendor Advisory () http://support.apple.com/kb/HT3613 - Patch, Vendor Advisory
References () http://www.debian.org/security/2009/dsa-1950 - () http://www.debian.org/security/2009/dsa-1950 -
References () http://www.securityfocus.com/bid/35260 - Exploit, Patch () http://www.securityfocus.com/bid/35260 - Exploit, Patch
References () http://www.securityfocus.com/bid/35310 - () http://www.securityfocus.com/bid/35310 -
References () http://www.ubuntu.com/usn/USN-836-1 - () http://www.ubuntu.com/usn/USN-836-1 -
References () http://www.ubuntu.com/usn/USN-857-1 - () http://www.ubuntu.com/usn/USN-857-1 -
References () http://www.vupen.com/english/advisories/2009/1522 - Patch, Vendor Advisory () http://www.vupen.com/english/advisories/2009/1522 - Patch, Vendor Advisory
References () http://www.vupen.com/english/advisories/2011/0212 - () http://www.vupen.com/english/advisories/2011/0212 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/51265 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/51265 -

Information

Published : 2009-06-10 18:00

Updated : 2024-11-21 01:03


NVD link : CVE-2009-1711

Mitre link : CVE-2009-1711

CVE.ORG link : CVE-2009-1711


JSON object : View

Products Affected

apple

  • safari
CWE
CWE-399

Resource Management Errors