Vulnerability-Lookup

CVE-2009-1725 (GCVE-0-2009-1725)

Vulnerability from cvelistv5 – Published: 2009-07-09 17:00 – Updated: 2024-08-07 05:20

Summary

WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://websvn.kde.org/?view=rev&revision=1002164	x_refsource_CONFIRM
	http://websvn.kde.org/?view=rev&revision=1002163	x_refsource_CONFIRM
	http://secunia.com/advisories/43068	third-party-advisoryx_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://support.apple.com/kb/HT3666	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0212	vdb-entryx_refsource_VUPEN
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://websvn.kde.org/?view=rev&revision=1002162	x_refsource_CONFIRM
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://www.securityfocus.com/bid/35607	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2009/1827	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/37746	third-party-advisoryx_refsource_SECUNIA
	http://osvdb.org/55739	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/36790	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/36347	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2009/dsa-1950	vendor-advisoryx_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/36062	third-party-advisoryx_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-857-1	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/36057	third-party-advisoryx_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://www.securitytracker.com/id?1022526	vdb-entryx_refsource_SECTRACK
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	https://bugzilla.redhat.com/show_bug.cgi?id=513813	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-836-1	vendor-advisoryx_refsource_UBUNTU
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://secunia.com/advisories/36677	third-party-advisoryx_refsource_SECUNIA
	http://support.apple.com/kb/HT3860	x_refsource_CONFIRM
	http://secunia.com/advisories/35758	third-party-advisoryx_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:20:35.334Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://websvn.kde.org/?view=rev\u0026revision=1002164"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://websvn.kde.org/?view=rev\u0026revision=1002163"
          },
          {
            "name": "43068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "name": "FEDORA-2009-8039",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html"
          },
          {
            "name": "MDVSA-2009:330",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:330"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3666"
          },
          {
            "name": "ADV-2011-0212",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "name": "APPLE-SA-2009-07-08-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://websvn.kde.org/?view=rev\u0026revision=1002162"
          },
          {
            "name": "FEDORA-2009-8046",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html"
          },
          {
            "name": "35607",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35607"
          },
          {
            "name": "ADV-2009-1827",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1827"
          },
          {
            "name": "37746",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37746"
          },
          {
            "name": "55739",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/55739"
          },
          {
            "name": "36790",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36790"
          },
          {
            "name": "36347",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36347"
          },
          {
            "name": "DSA-1950",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1950"
          },
          {
            "name": "SUSE-SR:2011:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "name": "36062",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36062"
          },
          {
            "name": "USN-857-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-857-1"
          },
          {
            "name": "36057",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36057"
          },
          {
            "name": "FEDORA-2009-8802",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00933.html"
          },
          {
            "name": "1022526",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022526"
          },
          {
            "name": "oval:org.mitre.oval:def:5777",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5777"
          },
          {
            "name": "FEDORA-2009-8049",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513813"
          },
          {
            "name": "USN-836-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-836-1"
          },
          {
            "name": "FEDORA-2009-8800",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00931.html"
          },
          {
            "name": "APPLE-SA-2009-09-09-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html"
          },
          {
            "name": "36677",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36677"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3860"
          },
          {
            "name": "35758",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35758"
          },
          {
            "name": "FEDORA-2009-8020",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-07-08T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://websvn.kde.org/?view=rev\u0026revision=1002164"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://websvn.kde.org/?view=rev\u0026revision=1002163"
        },
        {
          "name": "43068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43068"
        },
        {
          "name": "FEDORA-2009-8039",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html"
        },
        {
          "name": "MDVSA-2009:330",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:330"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3666"
        },
        {
          "name": "ADV-2011-0212",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0212"
        },
        {
          "name": "APPLE-SA-2009-07-08-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://websvn.kde.org/?view=rev\u0026revision=1002162"
        },
        {
          "name": "FEDORA-2009-8046",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html"
        },
        {
          "name": "35607",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35607"
        },
        {
          "name": "ADV-2009-1827",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1827"
        },
        {
          "name": "37746",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37746"
        },
        {
          "name": "55739",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/55739"
        },
        {
          "name": "36790",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36790"
        },
        {
          "name": "36347",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36347"
        },
        {
          "name": "DSA-1950",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1950"
        },
        {
          "name": "SUSE-SR:2011:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
        },
        {
          "name": "36062",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36062"
        },
        {
          "name": "USN-857-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-857-1"
        },
        {
          "name": "36057",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36057"
        },
        {
          "name": "FEDORA-2009-8802",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00933.html"
        },
        {
          "name": "1022526",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022526"
        },
        {
          "name": "oval:org.mitre.oval:def:5777",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5777"
        },
        {
          "name": "FEDORA-2009-8049",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513813"
        },
        {
          "name": "USN-836-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-836-1"
        },
        {
          "name": "FEDORA-2009-8800",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00931.html"
        },
        {
          "name": "APPLE-SA-2009-09-09-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html"
        },
        {
          "name": "36677",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36677"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3860"
        },
        {
          "name": "35758",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35758"
        },
        {
          "name": "FEDORA-2009-8020",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-1725",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://websvn.kde.org/?view=rev\u0026revision=1002164",
              "refsource": "CONFIRM",
              "url": "http://websvn.kde.org/?view=rev\u0026revision=1002164"
            },
            {
              "name": "http://websvn.kde.org/?view=rev\u0026revision=1002163",
              "refsource": "CONFIRM",
              "url": "http://websvn.kde.org/?view=rev\u0026revision=1002163"
            },
            {
              "name": "43068",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43068"
            },
            {
              "name": "FEDORA-2009-8039",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html"
            },
            {
              "name": "MDVSA-2009:330",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:330"
            },
            {
              "name": "http://support.apple.com/kb/HT3666",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3666"
            },
            {
              "name": "ADV-2011-0212",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0212"
            },
            {
              "name": "APPLE-SA-2009-07-08-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html"
            },
            {
              "name": "http://websvn.kde.org/?view=rev\u0026revision=1002162",
              "refsource": "CONFIRM",
              "url": "http://websvn.kde.org/?view=rev\u0026revision=1002162"
            },
            {
              "name": "FEDORA-2009-8046",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html"
            },
            {
              "name": "35607",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35607"
            },
            {
              "name": "ADV-2009-1827",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1827"
            },
            {
              "name": "37746",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37746"
            },
            {
              "name": "55739",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/55739"
            },
            {
              "name": "36790",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36790"
            },
            {
              "name": "36347",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36347"
            },
            {
              "name": "DSA-1950",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1950"
            },
            {
              "name": "SUSE-SR:2011:002",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
            },
            {
              "name": "36062",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36062"
            },
            {
              "name": "USN-857-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-857-1"
            },
            {
              "name": "36057",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36057"
            },
            {
              "name": "FEDORA-2009-8802",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00933.html"
            },
            {
              "name": "1022526",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022526"
            },
            {
              "name": "oval:org.mitre.oval:def:5777",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5777"
            },
            {
              "name": "FEDORA-2009-8049",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=513813",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513813"
            },
            {
              "name": "USN-836-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-836-1"
            },
            {
              "name": "FEDORA-2009-8800",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00931.html"
            },
            {
              "name": "APPLE-SA-2009-09-09-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html"
            },
            {
              "name": "36677",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36677"
            },
            {
              "name": "http://support.apple.com/kb/HT3860",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3860"
            },
            {
              "name": "35758",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35758"
            },
            {
              "name": "FEDORA-2009-8020",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-1725",
    "datePublished": "2009-07-09T17:00:00.000Z",
    "dateReserved": "2009-05-20T00:00:00.000Z",
    "dateUpdated": "2024-08-07T05:20:35.334Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2009-AVI-383

Vulnerability from certfr_avis - Published: 2009-09-11 - Updated: 2009-09-11

Plusieurs vulnérabilités, dont certaines permettant l'exécution de code arbitraire à distance, ont été corrigées.

Description

Plusieurs vulnérabilités ont été corrigées dont deux permettant l'exécution de code arbitraire. La première est exploitable au moyen d'un fichier audio au format AAC ou MP3 spécialement réalisé et la seconde par le biais d'une page web spécifiquement conçue.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Les versions d'iPhone OS antérieures à 3.1 et iPhone OS pour iPod Touch antérieurs à 3.1.1.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT3860 du 9 septembre 2009	None	vendor-advisory
Bulletin de sécurité Apple HT3860 du 09 septembre 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eLes versions d\u0027\u003cTT\u003eiPhone OS\u003c/TT\u003e  ant\u00e9rieures \u00e0 3.1 et \u003cTT\u003eiPhone OS\u003c/TT\u003e pour \u003cTT\u003eiPod Touch\u003c/TT\u003e  ant\u00e9rieurs \u00e0 3.1.1.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dont deux permettant\nl\u0027ex\u00e9cution de code arbitraire. La premi\u00e8re est exploitable au moyen\nd\u0027un fichier audio au format AAC ou MP3 sp\u00e9cialement r\u00e9alis\u00e9 et la\nseconde par le biais d\u0027une page web sp\u00e9cifiquement con\u00e7ue.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-2794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2794"
    },
    {
      "name": "CVE-2009-2207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2207"
    },
    {
      "name": "CVE-2009-2815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2815"
    },
    {
      "name": "CVE-2009-2797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2797"
    },
    {
      "name": "CVE-2009-2796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2796"
    },
    {
      "name": "CVE-2009-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1725"
    },
    {
      "name": "CVE-2009-2199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2199"
    },
    {
      "name": "CVE-2009-2206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2206"
    },
    {
      "name": "CVE-2009-2795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2795"
    },
    {
      "name": "CVE-2009-1724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1724"
    }
  ],
  "initial_release_date": "2009-09-11T00:00:00",
  "last_revision_date": "2009-09-11T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT3860 du 09 septembre 2009 :",
      "url": "http://support.apple.com/kb/HT3860"
    }
  ],
  "reference": "CERTA-2009-AVI-383",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-09-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s, dont certaines permettant l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance, ont \u00e9t\u00e9 corrig\u00e9es.\n",
  "title": "Multipleis vuln\u00e9rabilit\u00e9s dans iPhone OS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT3860 du 9 septembre 2009",
      "url": null
    }
  ]
}

CERTA-2009-AVI-271

Vulnerability from certfr_avis - Published: 2009-07-10 - Updated: 2009-07-10

Deux vulnérabilités permettant, entre autre, l'exécution de code arbitraire à distance ont été corrigées.

Description

Deux vulnérabilités ont été corrigées. La première intervient lors du traitement des objets parent et top et la seconde lors du traitement de références numériques à des caractères. Une personne malveillante peut utiliser la première pour conduire une attaque en XSS et la seconde pour exécuter du code arbitraire à distance, dans les deux cas, au moyen d'une page web spécialement écrite.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Safari 4 pour Windows et Mac OS X.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT3666 du 8 juillet 2009	None	vendor-advisory
Bulletin de sécurité Apple HT3666 du 08 juillet 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eSafari 4 pour Windows et Mac OS X.\u003c/p\u003e",
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es. La premi\u00e8re intervient lors du\ntraitement des objets parent et top et la seconde lors du traitement de\nr\u00e9f\u00e9rences num\u00e9riques \u00e0 des caract\u00e8res. Une personne malveillante peut\nutiliser la premi\u00e8re pour conduire une attaque en XSS et la seconde pour\nex\u00e9cuter du code arbitraire \u00e0 distance, dans les deux cas, au moyen\nd\u0027une page web sp\u00e9cialement \u00e9crite.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1725"
    },
    {
      "name": "CVE-2009-1724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1724"
    }
  ],
  "initial_release_date": "2009-07-10T00:00:00",
  "last_revision_date": "2009-07-10T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT3666 du 08 juillet 2009 :",
      "url": "http://support.apple.com/kb/HT3666"
    }
  ],
  "reference": "CERTA-2009-AVI-271",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-07-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s permettant, entre autre, l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance ont \u00e9t\u00e9 corrig\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Safari",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT3666 du 8 juillet 2009",
      "url": null
    }
  ]
}

GSD-2009-1725

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2009-1725

Aliases

CVE-2009-1725

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-1725",
    "description": "WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.",
    "id": "GSD-2009-1725",
    "references": [
      "https://www.suse.com/security/cve/CVE-2009-1725.html",
      "https://www.debian.org/security/2010/dsa-1988",
      "https://www.debian.org/security/2009/dsa-1950"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-1725"
      ],
      "details": "WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.",
      "id": "GSD-2009-1725",
      "modified": "2023-12-13T01:19:47.848393Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2009-1725",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://websvn.kde.org/?view=rev\u0026revision=1002164",
            "refsource": "CONFIRM",
            "url": "http://websvn.kde.org/?view=rev\u0026revision=1002164"
          },
          {
            "name": "http://websvn.kde.org/?view=rev\u0026revision=1002163",
            "refsource": "CONFIRM",
            "url": "http://websvn.kde.org/?view=rev\u0026revision=1002163"
          },
          {
            "name": "43068",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "name": "FEDORA-2009-8039",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html"
          },
          {
            "name": "MDVSA-2009:330",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:330"
          },
          {
            "name": "http://support.apple.com/kb/HT3666",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT3666"
          },
          {
            "name": "ADV-2011-0212",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "name": "APPLE-SA-2009-07-08-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html"
          },
          {
            "name": "http://websvn.kde.org/?view=rev\u0026revision=1002162",
            "refsource": "CONFIRM",
            "url": "http://websvn.kde.org/?view=rev\u0026revision=1002162"
          },
          {
            "name": "FEDORA-2009-8046",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html"
          },
          {
            "name": "35607",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/35607"
          },
          {
            "name": "ADV-2009-1827",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/1827"
          },
          {
            "name": "37746",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/37746"
          },
          {
            "name": "55739",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/55739"
          },
          {
            "name": "36790",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/36790"
          },
          {
            "name": "36347",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/36347"
          },
          {
            "name": "DSA-1950",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2009/dsa-1950"
          },
          {
            "name": "SUSE-SR:2011:002",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "name": "36062",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/36062"
          },
          {
            "name": "USN-857-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-857-1"
          },
          {
            "name": "36057",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/36057"
          },
          {
            "name": "FEDORA-2009-8802",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00933.html"
          },
          {
            "name": "1022526",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1022526"
          },
          {
            "name": "oval:org.mitre.oval:def:5777",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5777"
          },
          {
            "name": "FEDORA-2009-8049",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=513813",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513813"
          },
          {
            "name": "USN-836-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-836-1"
          },
          {
            "name": "FEDORA-2009-8800",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00931.html"
          },
          {
            "name": "APPLE-SA-2009-09-09-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html"
          },
          {
            "name": "36677",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/36677"
          },
          {
            "name": "http://support.apple.com/kb/HT3860",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT3860"
          },
          {
            "name": "35758",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/35758"
          },
          {
            "name": "FEDORA-2009-8020",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.0.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.1:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "3.0.1",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "3.1",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:apple:ipod_touch:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-1725"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-189"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT3666",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://support.apple.com/kb/HT3666"
            },
            {
              "name": "APPLE-SA-2009-07-08-1",
              "refsource": "APPLE",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html"
            },
            {
              "name": "35607",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/35607"
            },
            {
              "name": "35758",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/35758"
            },
            {
              "name": "1022526",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1022526"
            },
            {
              "name": "55739",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/55739"
            },
            {
              "name": "ADV-2009-1827",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2009/1827"
            },
            {
              "name": "36062",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/36062"
            },
            {
              "name": "FEDORA-2009-8046",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html"
            },
            {
              "name": "FEDORA-2009-8020",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html"
            },
            {
              "name": "FEDORA-2009-8049",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html"
            },
            {
              "name": "FEDORA-2009-8039",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html"
            },
            {
              "name": "36057",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/36057"
            },
            {
              "name": "http://websvn.kde.org/?view=rev\u0026revision=1002164",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://websvn.kde.org/?view=rev\u0026revision=1002164"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=513813",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513813"
            },
            {
              "name": "http://websvn.kde.org/?view=rev\u0026revision=1002162",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://websvn.kde.org/?view=rev\u0026revision=1002162"
            },
            {
              "name": "FEDORA-2009-8800",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00931.html"
            },
            {
              "name": "http://websvn.kde.org/?view=rev\u0026revision=1002163",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://websvn.kde.org/?view=rev\u0026revision=1002163"
            },
            {
              "name": "FEDORA-2009-8802",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00933.html"
            },
            {
              "name": "36347",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/36347"
            },
            {
              "name": "http://support.apple.com/kb/HT3860",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT3860"
            },
            {
              "name": "36677",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/36677"
            },
            {
              "name": "APPLE-SA-2009-09-09-1",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html"
            },
            {
              "name": "DSA-1950",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2009/dsa-1950"
            },
            {
              "name": "37746",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/37746"
            },
            {
              "name": "MDVSA-2009:330",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:330"
            },
            {
              "name": "USN-857-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-857-1"
            },
            {
              "name": "36790",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/36790"
            },
            {
              "name": "USN-836-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-836-1"
            },
            {
              "name": "SUSE-SR:2011:002",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
            },
            {
              "name": "43068",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/43068"
            },
            {
              "name": "ADV-2011-0212",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0212"
            },
            {
              "name": "oval:org.mitre.oval:def:5777",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5777"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2022-08-09T13:48Z",
      "publishedDate": "2009-07-09T17:30Z"
    }
  }
}

GHSA-6H8H-64G5-RGV5

Vulnerability from github – Published: 2022-05-02 03:27 – Updated: 2022-05-02 03:27

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-1725"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-07-09T17:30:00Z",
    "severity": "HIGH"
  },
  "details": "WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.",
  "id": "GHSA-6h8h-64g5-rgv5",
  "modified": "2022-05-02T03:27:54Z",
  "published": "2022-05-02T03:27:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1725"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513813"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5777"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00931.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00933.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/55739"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/35758"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36057"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36062"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36347"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36677"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36790"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/37746"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43068"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT3666"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT3860"
    },
    {
      "type": "WEB",
      "url": "http://websvn.kde.org/?view=rev\u0026revision=1002162"
    },
    {
      "type": "WEB",
      "url": "http://websvn.kde.org/?view=rev\u0026revision=1002163"
    },
    {
      "type": "WEB",
      "url": "http://websvn.kde.org/?view=rev\u0026revision=1002164"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2009/dsa-1950"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:330"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/35607"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1022526"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-836-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-857-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/1827"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0212"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2009-1725

Vulnerability from fkie_nvd - Published: 2009-07-09 17:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html	Patch, Vendor Advisory
cve@mitre.org	http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
cve@mitre.org	http://osvdb.org/55739
cve@mitre.org	http://secunia.com/advisories/35758
cve@mitre.org	http://secunia.com/advisories/36057
cve@mitre.org	http://secunia.com/advisories/36062
cve@mitre.org	http://secunia.com/advisories/36347
cve@mitre.org	http://secunia.com/advisories/36677
cve@mitre.org	http://secunia.com/advisories/36790
cve@mitre.org	http://secunia.com/advisories/37746
cve@mitre.org	http://secunia.com/advisories/43068
cve@mitre.org	http://support.apple.com/kb/HT3666	Patch, Vendor Advisory
cve@mitre.org	http://support.apple.com/kb/HT3860
cve@mitre.org	http://websvn.kde.org/?view=rev&revision=1002162
cve@mitre.org	http://websvn.kde.org/?view=rev&revision=1002163
cve@mitre.org	http://websvn.kde.org/?view=rev&revision=1002164
cve@mitre.org	http://www.debian.org/security/2009/dsa-1950
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2009:330
cve@mitre.org	http://www.securityfocus.com/bid/35607	Patch
cve@mitre.org	http://www.securitytracker.com/id?1022526
cve@mitre.org	http://www.ubuntu.com/usn/USN-836-1
cve@mitre.org	http://www.ubuntu.com/usn/USN-857-1
cve@mitre.org	http://www.vupen.com/english/advisories/2009/1827
cve@mitre.org	http://www.vupen.com/english/advisories/2011/0212
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=513813
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5777
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00931.html
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00933.html
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/55739
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35758
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36057
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36062
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36347
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36677
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36790
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/37746
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43068
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT3666	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT3860
af854a3a-2127-422b-91ae-364da2661108	http://websvn.kde.org/?view=rev&revision=1002162
af854a3a-2127-422b-91ae-364da2661108	http://websvn.kde.org/?view=rev&revision=1002163
af854a3a-2127-422b-91ae-364da2661108	http://websvn.kde.org/?view=rev&revision=1002164
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2009/dsa-1950
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2009:330
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/35607	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1022526
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-836-1
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-857-1
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1827
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0212
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=513813
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5777
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00931.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00933.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html

Impacted products

Vendor	Product	Version
apple	safari	*
apple	safari	2.0
apple	safari	2.0.0
apple	safari	2.0.1
apple	safari	2.0.2
apple	safari	2.0.3
apple	safari	2.0.3
apple	safari	2.0.3
apple	safari	2.0.3
apple	safari	2.0.3
apple	safari	2.0.4
apple	safari	3.0
apple	safari	3.0.0
apple	safari	3.0.0b
apple	safari	3.0.1
apple	safari	3.0.1
apple	safari	3.0.1b
apple	safari	3.0.2
apple	safari	3.0.2b
apple	safari	3.0.3
apple	safari	3.0.3b
apple	safari	3.0.4
apple	safari	3.0.4b
apple	safari	3.1.0
apple	safari	3.1.0b
apple	safari	3.1.1
apple	safari	3.1.2
apple	safari	3.2.0
apple	safari	3.2.1
apple	safari	3.2.2
apple	safari	4.0
apple	safari	4.0.0b
apple	iphone_os	*
apple	iphone_os	1.0.0
apple	iphone_os	1.0.1
apple	iphone_os	1.0.2
apple	iphone_os	1.1.0
apple	iphone_os	1.1.1
apple	iphone_os	1.1.2
apple	iphone_os	1.1.3
apple	iphone_os	1.1.4
apple	iphone_os	1.1.5
apple	iphone_os	2.0
apple	iphone_os	2.0.0
apple	iphone_os	2.0.1
apple	iphone_os	2.0.2
apple	iphone_os	2.1
apple	iphone_os	2.1.1
apple	iphone_os	2.2
apple	iphone_os	2.2.1
apple	iphone_os	3.0
apple	iphone_os	*
apple	iphone_os	*
apple	iphone_os	1.0.0
apple	iphone_os	1.0.1
apple	iphone_os	1.0.2
apple	iphone_os	1.1.0
apple	iphone_os	1.1.1
apple	iphone_os	1.1.2
apple	iphone_os	1.1.3
apple	iphone_os	1.1.4
apple	iphone_os	1.1.5
apple	iphone_os	2.0
apple	iphone_os	2.0.0
apple	iphone_os	2.0.1
apple	iphone_os	2.0.2
apple	iphone_os	2.1
apple	iphone_os	2.1.1
apple	iphone_os	2.2
apple	iphone_os	2.2.1
apple	iphone_os	3.0
apple	iphone_os	3.0.1
apple	ipod_touch	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C38B814-0E98-4BC7-9981-56F9EC1BFB74",
              "versionEndIncluding": "4.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3889ED-9329-4C84-A173-2553BEAE3EDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B74019F-C365-4E13-BBB4-D84AD9C1F87C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E0E57D5-A7C9-4985-8CE4-E0D4B8BBF371",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "06494FA8-F12A-435A-97A4-F38C58DF43F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1BB047B-D45E-4695-AAEB-D0830DB1663E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*",
              "matchCriteriaId": "018A7A39-2AFD-47A9-AE88-7ABDBFE5EDA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*",
              "matchCriteriaId": "1082B33F-33B5-453A-A5AA-10F65AB2E625",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*",
              "matchCriteriaId": "6CF4DB54-AA7E-44C3-83E3-1A8971719D5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*",
              "matchCriteriaId": "EC348464-F08D-4ABF-BB90-3FA93C786F34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDCF83E-620C-40FA-9901-5D939E315143",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A33F900-D405-40A8-A0A5-3C80320FF6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4444A309-5A97-4E1C-B4EA-C4A070A98CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B29951B-9A98-45B7-8E4B-5515C048EC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CEB23DE-1A9D-480E-8B8B-9F110A8ABDE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.1:beta:*:*:*:*:*:*",
              "matchCriteriaId": "4CED950D-38AB-4D66-B97A-FB982D86057F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0FDEB4F-133A-43DF-A89B-53E249F1293D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "84E78F43-07BD-4D62-9512-DA738A92BC7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AE25E9E-826E-4782-AED8-AC6297B18D93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3180366-2240-467E-8AB9-BEA0430948F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5E834B8-545E-4472-9D60-B4CF1340D62C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AB9CC52-E533-4306-9E92-73C84B264D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*",
              "matchCriteriaId": "14A5CA99-8B1C-4C35-85E3-DB0495444A5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "01D8C2EF-D552-4279-A12E-70E292F39E31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*",
              "matchCriteriaId": "C00082E3-EBF5-4C23-9F57-BF73E587FC05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C453B588-15FD-4A9C-8BC1-6202A21DAE02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "460A6F14-7CCE-47CA-BE0C-6DF32CD6A8A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "15BB6761-3581-4AE6-85E0-1609D15D7618",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFA1A4C8-9F87-449F-A11F-52E5D52247E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE8498D2-DECC-4B88-BC1B-F8E2D076EE38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE457690-CB2B-42BD-B97C-E723AFD02FB7",
              "versionEndIncluding": "3.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7B6D035-38A9-4C0B-9A9D-CAE3BF1CA56D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C5B94E7-2C24-4913-B65E-8D8A0DE2B80B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E28FB0CB-D636-4F85-B5F7-70EC30053925",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EC16D1C-065A-4D1A-BA6E-528A71DF65CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27319629-171F-42AA-A95F-2D71F78097D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F7AEFAB-7BB0-40D8-8BA5-71B374EB69DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "297F9438-0F04-4128-94A8-A504B600929E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8618621-F871-4531-9F6C-7D60F2BF8B75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "824DED2D-FA1D-46FC-8252-6E25546DAE29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1641DDFA-3BF1-467F-8EC3-98114FF9F07B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF40CDA4-4716-4815-9ED0-093FE266734C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D61644E2-7AF5-48EF-B3D5-59C7B2AD1A58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D06D54D-97FD-49FD-B251-CC86FBA68CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "25A5D868-0016-44AB-80E6-E5DF91F15455",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C14EEA4-6E35-4EBE-9A43-8F6D69318BA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B15E90AE-2E15-4BC2-B0B8-AFA2B1297B03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E0C0A8D-3DDD-437A-BB3D-50FAEAF6C440",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "863383DA-0BC6-4A96-835A-A96128EC0202",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "340C4071-1447-477F-942A-8E09EA29F917",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B1A9F14-4F3A-4B85-9050-84B51D59C9A1",
              "versionEndIncluding": "3.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7B6D035-38A9-4C0B-9A9D-CAE3BF1CA56D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C5B94E7-2C24-4913-B65E-8D8A0DE2B80B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E28FB0CB-D636-4F85-B5F7-70EC30053925",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EC16D1C-065A-4D1A-BA6E-528A71DF65CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27319629-171F-42AA-A95F-2D71F78097D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F7AEFAB-7BB0-40D8-8BA5-71B374EB69DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "297F9438-0F04-4128-94A8-A504B600929E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8618621-F871-4531-9F6C-7D60F2BF8B75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "824DED2D-FA1D-46FC-8252-6E25546DAE29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1641DDFA-3BF1-467F-8EC3-98114FF9F07B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF40CDA4-4716-4815-9ED0-093FE266734C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D61644E2-7AF5-48EF-B3D5-59C7B2AD1A58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D06D54D-97FD-49FD-B251-CC86FBA68CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "25A5D868-0016-44AB-80E6-E5DF91F15455",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C14EEA4-6E35-4EBE-9A43-8F6D69318BA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B15E90AE-2E15-4BC2-B0B8-AFA2B1297B03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E0C0A8D-3DDD-437A-BB3D-50FAEAF6C440",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "863383DA-0BC6-4A96-835A-A96128EC0202",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CFF5BE7-2BF6-48CE-B74B-B1A05383C10F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:apple:ipod_touch:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "88FA2602-DDAB-4E23-A3D2-FB712970AAD1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document."
    },
    {
      "lang": "es",
      "value": "WebKit en Apple Safari anterior a v4.0.2, no maneja adecuadamente las referencias de caracteres num\u00e9ricos, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un documento HTML manipulado."
    }
  ],
  "id": "CVE-2009-1725",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-07-09T17:30:00.420",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/55739"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/35758"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36057"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36062"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36347"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36677"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36790"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/37746"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/43068"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT3666"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT3860"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://websvn.kde.org/?view=rev\u0026revision=1002162"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://websvn.kde.org/?view=rev\u0026revision=1002163"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://websvn.kde.org/?view=rev\u0026revision=1002164"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2009/dsa-1950"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:330"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/35607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1022526"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-836-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-857-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/1827"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2011/0212"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513813"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5777"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00931.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00933.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/55739"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35758"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36057"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36347"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36677"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43068"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT3666"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3860"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://websvn.kde.org/?view=rev\u0026revision=1002162"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://websvn.kde.org/?view=rev\u0026revision=1002163"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://websvn.kde.org/?view=rev\u0026revision=1002164"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:330"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/35607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022526"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-836-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-857-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1827"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513813"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5777"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00931.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00933.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable. This issue did not affect the versions of the kdelibs packages, as shipped with Red Hat Enterprise Linux 3, 4, or 5.",
      "lastModified": "2009-08-07T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2009-1725 (GCVE-0-2009-1725)

CERTA-2009-AVI-383

Description

Solution

CERTA-2009-AVI-271

Description

Solution

GSD-2009-1725

GHSA-6H8H-64G5-RGV5

FKIE_CVE-2009-1725

Tags

Sightings

Nomenclature