Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2009-1686

Опубликовано: 10 июн. 2009
Источник: debian

Описание

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle constant (aka const) declarations in a type-conversion operation during JavaScript exception handling, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
webkitfixed1.1.12-1package
webkitnot-affectedlennypackage
kdelibsnot-affectedpackage
kde4libsnot-affectedpackage
qt4-x11fixed4:4.6.2-4package
qt4-x11no-dsalennypackage

Примечания

  • QT4 might be fixed earlier, but only 4.6.2 was checked against

  • http://trac.webkit.org/changeset/31431

Связанные уязвимости

ubuntu логотип

CVE-2009-1686

ubuntu
больше 16 лет назад

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle constant (aka const) declarations in a type-conversion operation during JavaScript exception handling, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.

nvd логотип

CVE-2009-1686

nvd
больше 16 лет назад

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle constant (aka const) declarations in a type-conversion operation during JavaScript exception handling, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.

github логотип

GHSA-432c-2w5j-688r

github
почти 4 года назад

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle constant (aka const) declarations in a type-conversion operation during JavaScript exception handling, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.