fkie_cve-2009-1709
Vulnerability from fkie_nvd
Published
2009-06-10 18:00
Modified
2025-04-09 00:30
Severity ?
Summary
Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
apple | safari | * | |
apple | safari | 0.8 | |
apple | safari | 0.9 | |
apple | safari | 1.0 | |
apple | safari | 1.0.3 | |
apple | safari | 1.1 | |
apple | safari | 1.2 | |
apple | safari | 1.3 | |
apple | safari | 1.3.1 | |
apple | safari | 1.3.2 | |
apple | safari | 2.0 | |
apple | safari | 2.0.2 | |
apple | safari | 2.0.4 | |
apple | safari | 3.0 | |
apple | safari | 3.0.2 | |
apple | safari | 3.0.3 | |
apple | safari | 3.0.4 | |
apple | safari | 3.1 | |
apple | safari | 3.1.1 | |
apple | safari | 3.1.2 | |
apple | safari | 3.2.1 | |
apple | safari | 3.2.3 | |
apple | safari | * | |
apple | safari | 3.0 | |
apple | safari | 3.0.1 | |
apple | safari | 3.0.2 | |
apple | safari | 3.0.3 | |
apple | safari | 3.0.4 | |
apple | safari | 3.1 | |
apple | safari | 3.1.1 | |
apple | safari | 3.1.2 | |
apple | safari | 3.2 | |
apple | safari | 3.2.1 | |
apple | safari | 3.2.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:-:mac:*:*:*:*:*", "matchCriteriaId": "D72FE38B-BD04-4FC7-AE41-6459CBDF207A", "versionEndIncluding": "4.0_beta", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:0.8:-:mac:*:*:*:*:*", "matchCriteriaId": "7F7275FE-C28A-4067-B9EF-BC99E10188DA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:0.9:-:mac:*:*:*:*:*", "matchCriteriaId": "E2249206-EF91-4168-B7C2-C1DB35CDFA40", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0:-:mac:*:*:*:*:*", "matchCriteriaId": "641D655F-E210-4795-836C-BBF6D90B92E9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.3:-:mac:*:*:*:*:*", "matchCriteriaId": "A6EED222-BF5E-475A-B255-18041B4A5B26", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.1:-:mac:*:*:*:*:*", "matchCriteriaId": "1FC456E7-727C-4932-A0D0-B0D168E8C523", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2:-:mac:*:*:*:*:*", "matchCriteriaId": "303E4616-1BB6-4D2D-8437-47F3D1B3C13D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3:-:mac:*:*:*:*:*", "matchCriteriaId": "03C2A522-2D71-4909-B86F-DBEE2C703F83", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.1:-:mac:*:*:*:*:*", "matchCriteriaId": "E75B3EAD-A9D3-4497-B3B0-E31E807010A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.2:-:mac:*:*:*:*:*", "matchCriteriaId": "F837BE0E-9255-41C5-8E49-57090A574A9C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0:-:mac:*:*:*:*:*", "matchCriteriaId": "B8870C90-A1C9-4D8C-B1EF-9D72D55535EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.2:-:mac:*:*:*:*:*", "matchCriteriaId": "586ED537-9BB4-4931-8891-E60740983C4A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.4:-:mac:*:*:*:*:*", "matchCriteriaId": "73B23547-9710-44E9-A32A-6320C8E7A780", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0:-:mac:*:*:*:*:*", "matchCriteriaId": "EBFEED2C-8822-44EB-9296-82862DB14DCE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.2:-:mac:*:*:*:*:*", "matchCriteriaId": "9270F5C4-63B9-48C5-9D6D-9CDA1461205C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.3:-:mac:*:*:*:*:*", "matchCriteriaId": "FD35EC3D-01E2-4FA7-95AC-A2E57C652649", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.4:-:mac:*:*:*:*:*", "matchCriteriaId": "C23C022E-293E-4247-A9AD-2F27C29E92A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1:-:mac:*:*:*:*:*", "matchCriteriaId": "75359A0E-823A-45C5-8C61-ABE225FB939F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.1:-:mac:*:*:*:*:*", "matchCriteriaId": "8CFED254-6277-4E5E-B8E7-B5CB1ED3E7FA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.2:-:mac:*:*:*:*:*", "matchCriteriaId": "F8283078-D722-40AC-AF7A-7BC9AD19D051", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.1:-:mac:*:*:*:*:*", "matchCriteriaId": "66132AA6-F3EA-408D-9C43-8E6C577C8F72", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.3:-:mac:*:*:*:*:*", "matchCriteriaId": "D8CFE8E7-B970-4B86-99E9-AC3F8626737C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:-:windows:*:*:*:*:*", "matchCriteriaId": "7E203D81-FABE-4A63-8930-1DA15A86E113", "versionEndIncluding": "3.2.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0:-:windows:*:*:*:*:*", "matchCriteriaId": "49875E29-AA30-4D96-9ED9-538823DD5E1C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.1:-:windows:*:*:*:*:*", "matchCriteriaId": "D6C733F3-F5D4-4CF1-866D-61FF9D81D1B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.2:-:windows:*:*:*:*:*", "matchCriteriaId": "C5471735-D9C0-491B-9A6A-07B39AA215CF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.3:-:windows:*:*:*:*:*", "matchCriteriaId": "1E5C52F3-2109-40FD-9945-A9A9D42C076E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.4:-:windows:*:*:*:*:*", "matchCriteriaId": "151DEB6D-5857-4B0B-8449-5735768024A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1:-:windows:*:*:*:*:*", "matchCriteriaId": "AC7E7F65-8F3B-42F8-8B2D-9EA1CC4A4300", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.1:-:windows:*:*:*:*:*", "matchCriteriaId": "476EBE1F-66E1-4EF5-8344-BEDA97F306A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.2:-:windows:*:*:*:*:*", "matchCriteriaId": "480ED2AC-0DA4-44DA-A902-8534335077B9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2:-:windows:*:*:*:*:*", "matchCriteriaId": "77F31F4B-5305-4D75-9277-95EF99A969A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.1:-:windows:*:*:*:*:*", "matchCriteriaId": "C9AD216D-0C95-4843-A1A1-C3C9A6219277", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.2:-:windows:*:*:*:*:*", "matchCriteriaId": "04B8652D-BE06-49CB-A636-8B53B2DF9168", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified \"caches.\"" }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de la liberaci\u00f3n en la implementaci\u00f3n de la recolecci\u00f3n de basura en WebCore en WebKit en Apple Safari anteriores a v4.0 que permite a los atacantes remotos ejecutar arbitrariamente c\u00f3digo o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria din\u00e1mica y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un elemento de animaci\u00f3n SVG, en relaci\u00f3n a objetos establecidos SVG, elementos indicadores SVG, el atributo targetElement, y \"caches\" no especificadas." } ], "id": "CVE-2009-1709", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-06-10T18:00:00.733", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "cve@mitre.org", "url": "http://osvdb.org/55013" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35379" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/35576" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/36461" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/43068" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1022345" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT3613" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:182" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2009-1130.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/35260" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/35334" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1522" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "cve@mitre.org", "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-034/" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162" }, { "source": "cve@mitre.org", "url": "https://usn.ubuntu.com/823-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/55013" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35379" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35576" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/36461" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1022345" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT3613" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:182" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-1130.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/35260" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/35334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1522" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-034/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/823-1/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…