fkie_cve-2009-1709
Vulnerability from fkie_nvd
Published
2009-06-10 18:00
Modified
2025-04-09 00:30
Severity ?
Summary
Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches."
References
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2009/jun/msg00002.htmlPatch, Vendor Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
cve@mitre.orghttp://osvdb.org/55013
cve@mitre.orghttp://secunia.com/advisories/35379Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/35576
cve@mitre.orghttp://secunia.com/advisories/36461
cve@mitre.orghttp://secunia.com/advisories/43068
cve@mitre.orghttp://securitytracker.com/id?1022345
cve@mitre.orghttp://support.apple.com/kb/HT3613Patch, Vendor Advisory
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2010:182
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2009-1130.html
cve@mitre.orghttp://www.securityfocus.com/bid/35260
cve@mitre.orghttp://www.securityfocus.com/bid/35334
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/1522Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2011/0212
cve@mitre.orghttp://www.zerodayinitiative.com/advisories/ZDI-09-034/
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162
cve@mitre.orghttps://usn.ubuntu.com/823-1/
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2009/jun/msg00002.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/55013
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35379Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35576
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/36461
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43068
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1022345
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT3613Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:182
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-1130.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/35260
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/35334
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1522Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0212
af854a3a-2127-422b-91ae-364da2661108http://www.zerodayinitiative.com/advisories/ZDI-09-034/
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/823-1/
Impacted products
Vendor Product Version
apple safari *
apple safari 0.8
apple safari 0.9
apple safari 1.0
apple safari 1.0.3
apple safari 1.1
apple safari 1.2
apple safari 1.3
apple safari 1.3.1
apple safari 1.3.2
apple safari 2.0
apple safari 2.0.2
apple safari 2.0.4
apple safari 3.0
apple safari 3.0.2
apple safari 3.0.3
apple safari 3.0.4
apple safari 3.1
apple safari 3.1.1
apple safari 3.1.2
apple safari 3.2.1
apple safari 3.2.3
apple safari *
apple safari 3.0
apple safari 3.0.1
apple safari 3.0.2
apple safari 3.0.3
apple safari 3.0.4
apple safari 3.1
apple safari 3.1.1
apple safari 3.1.2
apple safari 3.2
apple safari 3.2.1
apple safari 3.2.2



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:safari:*:-:mac:*:*:*:*:*",
              "matchCriteriaId": "D72FE38B-BD04-4FC7-AE41-6459CBDF207A",
              "versionEndIncluding": "4.0_beta",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:0.8:-:mac:*:*:*:*:*",
              "matchCriteriaId": "7F7275FE-C28A-4067-B9EF-BC99E10188DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:0.9:-:mac:*:*:*:*:*",
              "matchCriteriaId": "E2249206-EF91-4168-B7C2-C1DB35CDFA40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.0:-:mac:*:*:*:*:*",
              "matchCriteriaId": "641D655F-E210-4795-836C-BBF6D90B92E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.0.3:-:mac:*:*:*:*:*",
              "matchCriteriaId": "A6EED222-BF5E-475A-B255-18041B4A5B26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.1:-:mac:*:*:*:*:*",
              "matchCriteriaId": "1FC456E7-727C-4932-A0D0-B0D168E8C523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.2:-:mac:*:*:*:*:*",
              "matchCriteriaId": "303E4616-1BB6-4D2D-8437-47F3D1B3C13D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.3:-:mac:*:*:*:*:*",
              "matchCriteriaId": "03C2A522-2D71-4909-B86F-DBEE2C703F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.3.1:-:mac:*:*:*:*:*",
              "matchCriteriaId": "E75B3EAD-A9D3-4497-B3B0-E31E807010A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.3.2:-:mac:*:*:*:*:*",
              "matchCriteriaId": "F837BE0E-9255-41C5-8E49-57090A574A9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0:-:mac:*:*:*:*:*",
              "matchCriteriaId": "B8870C90-A1C9-4D8C-B1EF-9D72D55535EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.2:-:mac:*:*:*:*:*",
              "matchCriteriaId": "586ED537-9BB4-4931-8891-E60740983C4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.4:-:mac:*:*:*:*:*",
              "matchCriteriaId": "73B23547-9710-44E9-A32A-6320C8E7A780",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0:-:mac:*:*:*:*:*",
              "matchCriteriaId": "EBFEED2C-8822-44EB-9296-82862DB14DCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.2:-:mac:*:*:*:*:*",
              "matchCriteriaId": "9270F5C4-63B9-48C5-9D6D-9CDA1461205C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.3:-:mac:*:*:*:*:*",
              "matchCriteriaId": "FD35EC3D-01E2-4FA7-95AC-A2E57C652649",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.4:-:mac:*:*:*:*:*",
              "matchCriteriaId": "C23C022E-293E-4247-A9AD-2F27C29E92A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1:-:mac:*:*:*:*:*",
              "matchCriteriaId": "75359A0E-823A-45C5-8C61-ABE225FB939F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1.1:-:mac:*:*:*:*:*",
              "matchCriteriaId": "8CFED254-6277-4E5E-B8E7-B5CB1ED3E7FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1.2:-:mac:*:*:*:*:*",
              "matchCriteriaId": "F8283078-D722-40AC-AF7A-7BC9AD19D051",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.2.1:-:mac:*:*:*:*:*",
              "matchCriteriaId": "66132AA6-F3EA-408D-9C43-8E6C577C8F72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.2.3:-:mac:*:*:*:*:*",
              "matchCriteriaId": "D8CFE8E7-B970-4B86-99E9-AC3F8626737C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:safari:*:-:windows:*:*:*:*:*",
              "matchCriteriaId": "7E203D81-FABE-4A63-8930-1DA15A86E113",
              "versionEndIncluding": "3.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0:-:windows:*:*:*:*:*",
              "matchCriteriaId": "49875E29-AA30-4D96-9ED9-538823DD5E1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.1:-:windows:*:*:*:*:*",
              "matchCriteriaId": "D6C733F3-F5D4-4CF1-866D-61FF9D81D1B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.2:-:windows:*:*:*:*:*",
              "matchCriteriaId": "C5471735-D9C0-491B-9A6A-07B39AA215CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.3:-:windows:*:*:*:*:*",
              "matchCriteriaId": "1E5C52F3-2109-40FD-9945-A9A9D42C076E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.4:-:windows:*:*:*:*:*",
              "matchCriteriaId": "151DEB6D-5857-4B0B-8449-5735768024A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1:-:windows:*:*:*:*:*",
              "matchCriteriaId": "AC7E7F65-8F3B-42F8-8B2D-9EA1CC4A4300",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1.1:-:windows:*:*:*:*:*",
              "matchCriteriaId": "476EBE1F-66E1-4EF5-8344-BEDA97F306A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1.2:-:windows:*:*:*:*:*",
              "matchCriteriaId": "480ED2AC-0DA4-44DA-A902-8534335077B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.2:-:windows:*:*:*:*:*",
              "matchCriteriaId": "77F31F4B-5305-4D75-9277-95EF99A969A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.2.1:-:windows:*:*:*:*:*",
              "matchCriteriaId": "C9AD216D-0C95-4843-A1A1-C3C9A6219277",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.2.2:-:windows:*:*:*:*:*",
              "matchCriteriaId": "04B8652D-BE06-49CB-A636-8B53B2DF9168",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified \"caches.\""
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de uso despu\u00e9s de la liberaci\u00f3n en la implementaci\u00f3n de la recolecci\u00f3n de basura en  WebCore en WebKit en Apple Safari anteriores a v4.0 que permite a los atacantes remotos ejecutar arbitrariamente c\u00f3digo o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria din\u00e1mica y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un elemento de animaci\u00f3n SVG, en relaci\u00f3n a objetos establecidos SVG, elementos indicadores SVG, el atributo targetElement, y \"caches\" no especificadas."
    }
  ],
  "id": "CVE-2009-1709",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-06-10T18:00:00.733",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/55013"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35379"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/35576"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36461"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/43068"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1022345"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT3613"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:182"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-1130.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/35260"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/35334"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1522"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2011/0212"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-034/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/823-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/55013"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35379"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35576"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36461"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43068"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1022345"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT3613"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:182"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-1130.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/35260"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/35334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1522"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-034/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/823-1/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.


Loading…

Loading…