Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1690

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2009-1690
Last Modified 24 Feb 2011 12:00:00
Published 10 Jun 2009 10:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-1690

Summary

Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers."

Vulnerable Systems

Operating System

  • Apple Iphone Os 1.0

  • Apple Iphone Os 1.0.0

  • Apple Iphone Os 1.0.1

  • Apple Iphone Os 1.0.2

  • Apple Iphone Os 1.1

  • Apple Iphone Os 1.1.0

  • Apple Iphone Os 1.1.1

  • Apple Iphone Os 1.1.2

  • Apple Iphone Os 1.1.3

  • Apple Iphone Os 1.1.4

  • Apple Iphone Os 1.1.5

  • Apple Iphone Os 2.0

  • Apple Iphone Os 2.0.0

  • Apple Iphone Os 2.0.1

  • Apple Iphone Os 2.0.2

  • Apple Iphone Os 2.1

  • Apple Iphone Os 2.2

  • Apple Iphone Os 2.2.1

Application

  • Apple Safari 0.8

  • Apple Safari 0.9

  • Apple Safari 1.0

  • Apple Safari 1.0.3

  • Apple Safari 1.1

  • Apple Safari 1.2

  • Apple Safari 1.3

  • Apple Safari 1.3.1

  • Apple Safari 1.3.2

  • Apple Safari 2.0

  • Apple Safari 2.0.2

  • Apple Safari 2.0.4

  • Apple Safari 3.0

  • Apple Safari 3.0.1

  • Apple Safari 3.0.2

  • Apple Safari 3.0.3

  • Apple Safari 3.0.4

  • Apple Safari 3.1

  • Apple Safari 3.1.1

  • Apple Safari 3.1.2

  • Apple Safari 3.2

  • Apple Safari 3.2.1

  • Apple Safari 3.2.2

  • Apple Safari 3.2.3

  • Apple Safari 4.0 Beta

  • Google Chrome 1.0.154.53


References

VUPEN - ADV-2009-1522

BID - 35260

CONFIRM - http://support.apple.com/kb/HT3639

CONFIRM - http://support.apple.com/kb/HT3613

SECTRACK - 1022345

APPLE - APPLE-SA-2009-06-17-1

APPLE - APPLE-SA-2009-06-08-1

FEDORA - FEDORA-2009-8020

FEDORA - FEDORA-2009-8046

FEDORA - FEDORA-2009-8049

FEDORA - FEDORA-2009-8039

VUPEN - ADV-2011-0212

VUPEN - ADV-2009-1621

UBUNTU - USN-857-1

UBUNTU - USN-836-1

UBUNTU - USN-822-1

MANDRIVA - MDVSA-2009:330

DEBIAN - DSA-1950

SECUNIA - 43068

SECUNIA - 37746

SECUNIA - 36790

SECUNIA - 36062

SECUNIA - 36057

SECUNIA - 35379

OSVDB - 54990

SUSE - SUSE-SR:2011:002

IDEFENSE - 20090608 Multiple Vendor WebKit Error Handling Use After Free Vulnerability

Related Patches

Novell SUSE 2010:7217 kdelibs3 security update for SLE 10 SP3 i586

Apple 2009-06-08 Safari Update 4.0.1 (Leopard)

Apple 2009-06-08 Safari Update 4 (Tiger)


Last Updated: 27 May 2016 10:50:38