CVE Vulnerabilities

CVE-2009-1701

Published: Jun 10, 2009 | Modified: Aug 09, 2022
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by destroying a document.body element that has an unspecified XML container with elements that support the dir attribute.

Affected Software

Name Vendor Start Version End Version
Safari Apple * 3.2.2 (including)
Safari Apple 2.0 (including) 2.0 (including)
Safari Apple 2.0.0 (including) 2.0.0 (including)
Safari Apple 2.0.1 (including) 2.0.1 (including)
Safari Apple 2.0.2 (including) 2.0.2 (including)
Safari Apple 2.0.3 (including) 2.0.3 (including)
Safari Apple 2.0.3-417.8 (including) 2.0.3-417.8 (including)
Safari Apple 2.0.3-417.9 (including) 2.0.3-417.9 (including)
Safari Apple 2.0.3-417.9.2 (including) 2.0.3-417.9.2 (including)
Safari Apple 2.0.3-417.9.3 (including) 2.0.3-417.9.3 (including)
Safari Apple 2.0.4 (including) 2.0.4 (including)
Safari Apple 3.0 (including) 3.0 (including)
Safari Apple 3.0.0 (including) 3.0.0 (including)
Safari Apple 3.0.0b (including) 3.0.0b (including)
Safari Apple 3.0.1 (including) 3.0.1 (including)
Safari Apple 3.0.1-beta (including) 3.0.1-beta (including)
Safari Apple 3.0.1b (including) 3.0.1b (including)
Safari Apple 3.0.2 (including) 3.0.2 (including)
Safari Apple 3.0.2b (including) 3.0.2b (including)
Safari Apple 3.0.3 (including) 3.0.3 (including)
Safari Apple 3.0.3b (including) 3.0.3b (including)
Safari Apple 3.0.4 (including) 3.0.4 (including)
Safari Apple 3.0.4b (including) 3.0.4b (including)
Safari Apple 3.1.0 (including) 3.1.0 (including)
Safari Apple 3.1.0b (including) 3.1.0b (including)
Safari Apple 3.1.1 (including) 3.1.1 (including)
Safari Apple 3.1.2 (including) 3.1.2 (including)
Safari Apple 3.2.0 (including) 3.2.0 (including)
Safari Apple 3.2.1 (including) 3.2.1 (including)
Qt4-x11 Ubuntu intrepid *
Qt4-x11 Ubuntu jaunty *
Qt4-x11 Ubuntu karmic *
Webkit Ubuntu hardy *
Webkit Ubuntu intrepid *
Webkit Ubuntu jaunty *

References