Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-1688

Опубликовано: 10 июн. 2009
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 4.3

Описание

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to determining a security context through an approach that is not the "HTML 5 standard method."

РелизСтатусПримечание
dapper

not-affected

no webkit
devel

not-affected

4.5.2-0ubuntu5
hardy

not-affected

no webkit
intrepid

ignored

end of life, was needed
jaunty

not-affected

4.5.0-0ubuntu4.2
karmic

not-affected

4.5.2-0ubuntu5
lucid

not-affected

4.5.2-0ubuntu5
maverick

not-affected

4.5.2-0ubuntu5
natty

not-affected

4.5.2-0ubuntu5
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

not-affected

1.1.12-1ubuntu1
hardy

ignored

end of life
intrepid

not-affected

1.0.1-2ubuntu0.1
jaunty

not-affected

1.0.1-4
karmic

not-affected

1.1.12-1ubuntu1
lucid

not-affected

1.1.12-1ubuntu1
maverick

not-affected

1.1.12-1ubuntu1
natty

not-affected

1.1.12-1ubuntu1
upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 69%
0.00614
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2009-1688

nvd
больше 16 лет назад

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to determining a security context through an approach that is not the "HTML 5 standard method."

debian логотип

CVE-2009-1688

debian
больше 16 лет назад

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...

github логотип

GHSA-xqv5-q33j-xfvp

github
почти 4 года назад

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to determining a security context through an approach that is not the "HTML 5 standard method."

EPSS

Процентиль: 69%
0.00614
Низкий

4.3 Medium

CVSS2