Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2009-1701

Опубликовано: 10 июн. 2009
Источник: debian

Описание

Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by destroying a document.body element that has an unspecified XML container with elements that support the dir attribute.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
webkitfixed1.1.12-1package
webkitno-dsalennypackage
kdelibsnot-affectedpackage
qt4-x11fixed4:4.6.2-4package
qt4-x11no-dsalennypackage

Примечания

  • QT4 might be fixed earlier, but only 4.6.2 was checked against

  • invasive patch to backport.

  • http://trac.webkit.org/changeset/40881

Связанные уязвимости

ubuntu логотип

CVE-2009-1701

ubuntu
больше 16 лет назад

Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by destroying a document.body element that has an unspecified XML container with elements that support the dir attribute.

nvd логотип

CVE-2009-1701

nvd
больше 16 лет назад

Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by destroying a document.body element that has an unspecified XML container with elements that support the dir attribute.

github логотип

GHSA-2634-634x-5w3q

github
больше 3 лет назад

Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by destroying a document.body element that has an unspecified XML container with elements that support the dir attribute.