CVE Vulnerabilities

CVE-2009-1705

Published: Jun 10, 2009 | Modified: Jun 13, 2009
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

CoreGraphics in Apple Safari before 4.0 on Windows does not properly use arithmetic during automatic hinting of TrueType fonts, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted font data.

Affected Software

Name Vendor Start Version End Version
Safari Apple * 3.2.3 (including)
Safari Apple 3.0 (including) 3.0 (including)
Safari Apple 3.0.1 (including) 3.0.1 (including)
Safari Apple 3.0.2 (including) 3.0.2 (including)
Safari Apple 3.0.3 (including) 3.0.3 (including)
Safari Apple 3.0.4 (including) 3.0.4 (including)
Safari Apple 3.1 (including) 3.1 (including)
Safari Apple 3.1.1 (including) 3.1.1 (including)
Safari Apple 3.1.2 (including) 3.1.2 (including)
Safari Apple 3.2 (including) 3.2 (including)
Safari Apple 3.2.1 (including) 3.2.1 (including)
Safari Apple 3.2.2 (including) 3.2.2 (including)

References