Vulnerability-Lookup

CVE-2009-1724 (GCVE-0-2009-1724)

Vulnerability from cvelistv5 – Published: 2009-07-09 17:00 – Updated: 2024-08-07 05:20

Summary

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://secunia.com/advisories/43068	third-party-advisoryx_refsource_SECUNIA
	http://support.apple.com/kb/HT3666	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0212	vdb-entryx_refsource_VUPEN
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://www.securityfocus.com/bid/35441	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2009/1827	vdb-entryx_refsource_VUPEN
	http://osvdb.org/55738	vdb-entryx_refsource_OSVDB
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.securitytracker.com/id?1022525	vdb-entryx_refsource_SECTRACK
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://secunia.com/advisories/36677	third-party-advisoryx_refsource_SECUNIA
	http://support.apple.com/kb/HT3860	x_refsource_CONFIRM
	http://secunia.com/advisories/35758	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:20:35.201Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "43068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3666"
          },
          {
            "name": "ADV-2011-0212",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "name": "APPLE-SA-2009-07-08-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html"
          },
          {
            "name": "35441",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35441"
          },
          {
            "name": "ADV-2009-1827",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1827"
          },
          {
            "name": "55738",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/55738"
          },
          {
            "name": "oval:org.mitre.oval:def:6208",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6208"
          },
          {
            "name": "SUSE-SR:2011:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "name": "1022525",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022525"
          },
          {
            "name": "APPLE-SA-2009-09-09-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html"
          },
          {
            "name": "36677",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36677"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3860"
          },
          {
            "name": "35758",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35758"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-07-08T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "43068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43068"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3666"
        },
        {
          "name": "ADV-2011-0212",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0212"
        },
        {
          "name": "APPLE-SA-2009-07-08-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html"
        },
        {
          "name": "35441",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35441"
        },
        {
          "name": "ADV-2009-1827",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1827"
        },
        {
          "name": "55738",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/55738"
        },
        {
          "name": "oval:org.mitre.oval:def:6208",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6208"
        },
        {
          "name": "SUSE-SR:2011:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
        },
        {
          "name": "1022525",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022525"
        },
        {
          "name": "APPLE-SA-2009-09-09-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html"
        },
        {
          "name": "36677",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36677"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3860"
        },
        {
          "name": "35758",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35758"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-1724",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "43068",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43068"
            },
            {
              "name": "http://support.apple.com/kb/HT3666",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3666"
            },
            {
              "name": "ADV-2011-0212",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0212"
            },
            {
              "name": "APPLE-SA-2009-07-08-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html"
            },
            {
              "name": "35441",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35441"
            },
            {
              "name": "ADV-2009-1827",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1827"
            },
            {
              "name": "55738",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/55738"
            },
            {
              "name": "oval:org.mitre.oval:def:6208",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6208"
            },
            {
              "name": "SUSE-SR:2011:002",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
            },
            {
              "name": "1022525",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022525"
            },
            {
              "name": "APPLE-SA-2009-09-09-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html"
            },
            {
              "name": "36677",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36677"
            },
            {
              "name": "http://support.apple.com/kb/HT3860",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3860"
            },
            {
              "name": "35758",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35758"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-1724",
    "datePublished": "2009-07-09T17:00:00.000Z",
    "dateReserved": "2009-05-20T00:00:00.000Z",
    "dateUpdated": "2024-08-07T05:20:35.201Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2009-AVI-271

Vulnerability from certfr_avis - Published: 2009-07-10 - Updated: 2009-07-10

Deux vulnérabilités permettant, entre autre, l'exécution de code arbitraire à distance ont été corrigées.

Description

Deux vulnérabilités ont été corrigées. La première intervient lors du traitement des objets parent et top et la seconde lors du traitement de références numériques à des caractères. Une personne malveillante peut utiliser la première pour conduire une attaque en XSS et la seconde pour exécuter du code arbitraire à distance, dans les deux cas, au moyen d'une page web spécialement écrite.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Safari 4 pour Windows et Mac OS X.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT3666 du 8 juillet 2009	None	vendor-advisory
Bulletin de sécurité Apple HT3666 du 08 juillet 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eSafari 4 pour Windows et Mac OS X.\u003c/p\u003e",
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es. La premi\u00e8re intervient lors du\ntraitement des objets parent et top et la seconde lors du traitement de\nr\u00e9f\u00e9rences num\u00e9riques \u00e0 des caract\u00e8res. Une personne malveillante peut\nutiliser la premi\u00e8re pour conduire une attaque en XSS et la seconde pour\nex\u00e9cuter du code arbitraire \u00e0 distance, dans les deux cas, au moyen\nd\u0027une page web sp\u00e9cialement \u00e9crite.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1725"
    },
    {
      "name": "CVE-2009-1724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1724"
    }
  ],
  "initial_release_date": "2009-07-10T00:00:00",
  "last_revision_date": "2009-07-10T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT3666 du 08 juillet 2009 :",
      "url": "http://support.apple.com/kb/HT3666"
    }
  ],
  "reference": "CERTA-2009-AVI-271",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-07-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s permettant, entre autre, l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance ont \u00e9t\u00e9 corrig\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Safari",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT3666 du 8 juillet 2009",
      "url": null
    }
  ]
}

CERTA-2009-AVI-383

Vulnerability from certfr_avis - Published: 2009-09-11 - Updated: 2009-09-11

Plusieurs vulnérabilités, dont certaines permettant l'exécution de code arbitraire à distance, ont été corrigées.

Description

Plusieurs vulnérabilités ont été corrigées dont deux permettant l'exécution de code arbitraire. La première est exploitable au moyen d'un fichier audio au format AAC ou MP3 spécialement réalisé et la seconde par le biais d'une page web spécifiquement conçue.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Les versions d'iPhone OS antérieures à 3.1 et iPhone OS pour iPod Touch antérieurs à 3.1.1.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT3860 du 9 septembre 2009	None	vendor-advisory
Bulletin de sécurité Apple HT3860 du 09 septembre 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eLes versions d\u0027\u003cTT\u003eiPhone OS\u003c/TT\u003e  ant\u00e9rieures \u00e0 3.1 et \u003cTT\u003eiPhone OS\u003c/TT\u003e pour \u003cTT\u003eiPod Touch\u003c/TT\u003e  ant\u00e9rieurs \u00e0 3.1.1.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dont deux permettant\nl\u0027ex\u00e9cution de code arbitraire. La premi\u00e8re est exploitable au moyen\nd\u0027un fichier audio au format AAC ou MP3 sp\u00e9cialement r\u00e9alis\u00e9 et la\nseconde par le biais d\u0027une page web sp\u00e9cifiquement con\u00e7ue.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-2794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2794"
    },
    {
      "name": "CVE-2009-2207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2207"
    },
    {
      "name": "CVE-2009-2815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2815"
    },
    {
      "name": "CVE-2009-2797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2797"
    },
    {
      "name": "CVE-2009-2796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2796"
    },
    {
      "name": "CVE-2009-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1725"
    },
    {
      "name": "CVE-2009-2199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2199"
    },
    {
      "name": "CVE-2009-2206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2206"
    },
    {
      "name": "CVE-2009-2795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2795"
    },
    {
      "name": "CVE-2009-1724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1724"
    }
  ],
  "initial_release_date": "2009-09-11T00:00:00",
  "last_revision_date": "2009-09-11T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT3860 du 09 septembre 2009 :",
      "url": "http://support.apple.com/kb/HT3860"
    }
  ],
  "reference": "CERTA-2009-AVI-383",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-09-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s, dont certaines permettant l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance, ont \u00e9t\u00e9 corrig\u00e9es.\n",
  "title": "Multipleis vuln\u00e9rabilit\u00e9s dans iPhone OS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT3860 du 9 septembre 2009",
      "url": null
    }
  ]
}

FKIE_CVE-2009-1724

Vulnerability from fkie_nvd - Published: 2009-07-09 17:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html	Patch, Vendor Advisory
cve@mitre.org	http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
cve@mitre.org	http://osvdb.org/55738
cve@mitre.org	http://secunia.com/advisories/35758
cve@mitre.org	http://secunia.com/advisories/36677
cve@mitre.org	http://secunia.com/advisories/43068
cve@mitre.org	http://support.apple.com/kb/HT3666	Patch, Vendor Advisory
cve@mitre.org	http://support.apple.com/kb/HT3860
cve@mitre.org	http://www.securityfocus.com/bid/35441	Exploit
cve@mitre.org	http://www.securitytracker.com/id?1022525
cve@mitre.org	http://www.vupen.com/english/advisories/2009/1827
cve@mitre.org	http://www.vupen.com/english/advisories/2011/0212
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6208
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/55738
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35758
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36677
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43068
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT3666	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT3860
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/35441	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1022525
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1827
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0212
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6208

Impacted products

Vendor	Product	Version
apple	safari	*
apple	safari	2.0
apple	safari	2.0.0
apple	safari	2.0.1
apple	safari	2.0.2
apple	safari	2.0.3
apple	safari	2.0.3
apple	safari	2.0.3
apple	safari	2.0.3
apple	safari	2.0.3
apple	safari	2.0.4
apple	safari	3.0
apple	safari	3.0.0
apple	safari	3.0.0b
apple	safari	3.0.1
apple	safari	3.0.1
apple	safari	3.0.1b
apple	safari	3.0.2
apple	safari	3.0.2b
apple	safari	3.0.3
apple	safari	3.0.3b
apple	safari	3.0.4
apple	safari	3.0.4b
apple	safari	3.1.0
apple	safari	3.1.0b
apple	safari	3.1.1
apple	safari	3.1.2
apple	safari	3.2.0
apple	safari	3.2.1
apple	safari	3.2.2
apple	safari	4.0
apple	safari	4.0.0b
apple	iphone_os	*
apple	iphone_os	1.0.0
apple	iphone_os	1.0.1
apple	iphone_os	1.0.2
apple	iphone_os	1.1.0
apple	iphone_os	1.1.1
apple	iphone_os	1.1.2
apple	iphone_os	1.1.3
apple	iphone_os	1.1.4
apple	iphone_os	1.1.5
apple	iphone_os	2.0
apple	iphone_os	2.0.0
apple	iphone_os	2.0.1
apple	iphone_os	2.0.2
apple	iphone_os	2.1
apple	iphone_os	2.1.1
apple	iphone_os	2.2
apple	iphone_os	2.2.1
apple	iphone_os	3.0
apple	iphone_os	*
apple	iphone_os	*
apple	iphone_os	1.0.0
apple	iphone_os	1.0.1
apple	iphone_os	1.0.2
apple	iphone_os	1.1.0
apple	iphone_os	1.1.1
apple	iphone_os	1.1.2
apple	iphone_os	1.1.3
apple	iphone_os	1.1.4
apple	iphone_os	1.1.5
apple	iphone_os	2.0
apple	iphone_os	2.0.0
apple	iphone_os	2.0.1
apple	iphone_os	2.0.2
apple	iphone_os	2.1
apple	iphone_os	2.1.1
apple	iphone_os	2.2
apple	iphone_os	2.2.1
apple	iphone_os	3.0
apple	iphone_os	3.0.1
apple	ipod_touch	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C38B814-0E98-4BC7-9981-56F9EC1BFB74",
              "versionEndIncluding": "4.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3889ED-9329-4C84-A173-2553BEAE3EDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B74019F-C365-4E13-BBB4-D84AD9C1F87C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E0E57D5-A7C9-4985-8CE4-E0D4B8BBF371",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "06494FA8-F12A-435A-97A4-F38C58DF43F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1BB047B-D45E-4695-AAEB-D0830DB1663E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*",
              "matchCriteriaId": "018A7A39-2AFD-47A9-AE88-7ABDBFE5EDA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*",
              "matchCriteriaId": "1082B33F-33B5-453A-A5AA-10F65AB2E625",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*",
              "matchCriteriaId": "6CF4DB54-AA7E-44C3-83E3-1A8971719D5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*",
              "matchCriteriaId": "EC348464-F08D-4ABF-BB90-3FA93C786F34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDCF83E-620C-40FA-9901-5D939E315143",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A33F900-D405-40A8-A0A5-3C80320FF6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4444A309-5A97-4E1C-B4EA-C4A070A98CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B29951B-9A98-45B7-8E4B-5515C048EC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CEB23DE-1A9D-480E-8B8B-9F110A8ABDE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.1:beta:*:*:*:*:*:*",
              "matchCriteriaId": "4CED950D-38AB-4D66-B97A-FB982D86057F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0FDEB4F-133A-43DF-A89B-53E249F1293D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "84E78F43-07BD-4D62-9512-DA738A92BC7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AE25E9E-826E-4782-AED8-AC6297B18D93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3180366-2240-467E-8AB9-BEA0430948F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5E834B8-545E-4472-9D60-B4CF1340D62C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AB9CC52-E533-4306-9E92-73C84B264D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*",
              "matchCriteriaId": "14A5CA99-8B1C-4C35-85E3-DB0495444A5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "01D8C2EF-D552-4279-A12E-70E292F39E31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*",
              "matchCriteriaId": "C00082E3-EBF5-4C23-9F57-BF73E587FC05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C453B588-15FD-4A9C-8BC1-6202A21DAE02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "460A6F14-7CCE-47CA-BE0C-6DF32CD6A8A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "15BB6761-3581-4AE6-85E0-1609D15D7618",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFA1A4C8-9F87-449F-A11F-52E5D52247E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE8498D2-DECC-4B88-BC1B-F8E2D076EE38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE457690-CB2B-42BD-B97C-E723AFD02FB7",
              "versionEndIncluding": "3.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7B6D035-38A9-4C0B-9A9D-CAE3BF1CA56D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C5B94E7-2C24-4913-B65E-8D8A0DE2B80B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E28FB0CB-D636-4F85-B5F7-70EC30053925",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EC16D1C-065A-4D1A-BA6E-528A71DF65CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27319629-171F-42AA-A95F-2D71F78097D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F7AEFAB-7BB0-40D8-8BA5-71B374EB69DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "297F9438-0F04-4128-94A8-A504B600929E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8618621-F871-4531-9F6C-7D60F2BF8B75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "824DED2D-FA1D-46FC-8252-6E25546DAE29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1641DDFA-3BF1-467F-8EC3-98114FF9F07B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF40CDA4-4716-4815-9ED0-093FE266734C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D61644E2-7AF5-48EF-B3D5-59C7B2AD1A58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D06D54D-97FD-49FD-B251-CC86FBA68CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "25A5D868-0016-44AB-80E6-E5DF91F15455",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C14EEA4-6E35-4EBE-9A43-8F6D69318BA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B15E90AE-2E15-4BC2-B0B8-AFA2B1297B03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E0C0A8D-3DDD-437A-BB3D-50FAEAF6C440",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "863383DA-0BC6-4A96-835A-A96128EC0202",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "340C4071-1447-477F-942A-8E09EA29F917",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B1A9F14-4F3A-4B85-9050-84B51D59C9A1",
              "versionEndIncluding": "3.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7B6D035-38A9-4C0B-9A9D-CAE3BF1CA56D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C5B94E7-2C24-4913-B65E-8D8A0DE2B80B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E28FB0CB-D636-4F85-B5F7-70EC30053925",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EC16D1C-065A-4D1A-BA6E-528A71DF65CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27319629-171F-42AA-A95F-2D71F78097D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F7AEFAB-7BB0-40D8-8BA5-71B374EB69DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "297F9438-0F04-4128-94A8-A504B600929E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8618621-F871-4531-9F6C-7D60F2BF8B75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "824DED2D-FA1D-46FC-8252-6E25546DAE29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1641DDFA-3BF1-467F-8EC3-98114FF9F07B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF40CDA4-4716-4815-9ED0-093FE266734C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D61644E2-7AF5-48EF-B3D5-59C7B2AD1A58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D06D54D-97FD-49FD-B251-CC86FBA68CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "25A5D868-0016-44AB-80E6-E5DF91F15455",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C14EEA4-6E35-4EBE-9A43-8F6D69318BA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B15E90AE-2E15-4BC2-B0B8-AFA2B1297B03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E0C0A8D-3DDD-437A-BB3D-50FAEAF6C440",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "863383DA-0BC6-4A96-835A-A96128EC0202",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CFF5BE7-2BF6-48CE-B74B-B1A05383C10F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:apple:ipod_touch:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "88FA2602-DDAB-4E23-A3D2-FB712970AAD1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de tipo cross-site scripting (XSS) en WebKit en Safari de Apple anterior a versi\u00f3n 4.0.2, tal y como es usado en iPhone OS anterior a versi\u00f3n 3.1, iPhone OS anterior a versi\u00f3n 3.1.1 para iPod touch, y otras plataformas, permite a los atacantes remotos inyectar script web o HTML arbitrario por medio de vectores relacionados con los objetos primarios y superiores."
    }
  ],
  "id": "CVE-2009-1724",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-07-09T17:30:00.407",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/55738"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/35758"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36677"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/43068"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT3666"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT3860"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/35441"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1022525"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/1827"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2011/0212"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6208"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/55738"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35758"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36677"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43068"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT3666"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3860"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/35441"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022525"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1827"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6208"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable. This issue did not affect the versions of the kdelibs packages, as shipped with Red Hat Enterprise Linux 3, 4, or 5.\n",
      "lastModified": "2009-08-07T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2009-1724

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2009-1724

Aliases

CVE-2009-1724

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-1724",
    "description": "Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects.",
    "id": "GSD-2009-1724",
    "references": [
      "https://www.suse.com/security/cve/CVE-2009-1724.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-1724"
      ],
      "details": "Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects.",
      "id": "GSD-2009-1724",
      "modified": "2023-12-13T01:19:47.323389Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2009-1724",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "43068",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "name": "http://support.apple.com/kb/HT3666",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT3666"
          },
          {
            "name": "ADV-2011-0212",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "name": "APPLE-SA-2009-07-08-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html"
          },
          {
            "name": "35441",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/35441"
          },
          {
            "name": "ADV-2009-1827",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/1827"
          },
          {
            "name": "55738",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/55738"
          },
          {
            "name": "oval:org.mitre.oval:def:6208",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6208"
          },
          {
            "name": "SUSE-SR:2011:002",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "name": "1022525",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1022525"
          },
          {
            "name": "APPLE-SA-2009-09-09-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html"
          },
          {
            "name": "36677",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/36677"
          },
          {
            "name": "http://support.apple.com/kb/HT3860",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT3860"
          },
          {
            "name": "35758",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/35758"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.0.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.1:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "3.0.1",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "3.1",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:apple:ipod_touch:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-1724"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "35441",
              "refsource": "BID",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.securityfocus.com/bid/35441"
            },
            {
              "name": "http://support.apple.com/kb/HT3666",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://support.apple.com/kb/HT3666"
            },
            {
              "name": "APPLE-SA-2009-07-08-1",
              "refsource": "APPLE",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html"
            },
            {
              "name": "ADV-2009-1827",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2009/1827"
            },
            {
              "name": "35758",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/35758"
            },
            {
              "name": "55738",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/55738"
            },
            {
              "name": "1022525",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1022525"
            },
            {
              "name": "http://support.apple.com/kb/HT3860",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT3860"
            },
            {
              "name": "36677",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/36677"
            },
            {
              "name": "APPLE-SA-2009-09-09-1",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html"
            },
            {
              "name": "43068",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/43068"
            },
            {
              "name": "ADV-2011-0212",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0212"
            },
            {
              "name": "SUSE-SR:2011:002",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
            },
            {
              "name": "oval:org.mitre.oval:def:6208",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6208"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2022-08-09T13:48Z",
      "publishedDate": "2009-07-09T17:30Z"
    }
  }
}

GHSA-G6JX-986Q-P3FM

Vulnerability from github – Published: 2022-05-02 03:27 – Updated: 2022-05-02 03:27

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-1724"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-07-09T17:30:00Z",
    "severity": "MODERATE"
  },
  "details": "Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects.",
  "id": "GHSA-g6jx-986q-p3fm",
  "modified": "2022-05-02T03:27:53Z",
  "published": "2022-05-02T03:27:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1724"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6208"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/55738"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/35758"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36677"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43068"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT3666"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT3860"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/35441"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1022525"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/1827"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0212"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2009-1724 (GCVE-0-2009-1724)

CERTA-2009-AVI-271

Description

Solution

CERTA-2009-AVI-383

Description

Solution

FKIE_CVE-2009-1724

GSD-2009-1724

GHSA-G6JX-986Q-P3FM

Tags

Sightings

Nomenclature