CVE Vulnerabilities

CVE-2009-2419

Published: Jul 09, 2009 | Modified: Aug 17, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Use-after-free vulnerability in the servePendingRequests function in WebCore in WebKit in Apple Safari 4.0 and 4.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted HTML document that references a zero-length .js file and the JavaScript reload function. NOTE: some of these details are obtained from third party information.

Affected Software

Name Vendor Start Version End Version
Safari Apple 4.0 4.0
Safari Apple 4.0.1 4.0.1
Qt4-x11 Ubuntu jaunty *
Qt4-x11 Ubuntu karmic *
Qt4-x11 Ubuntu lucid *
Webkit Ubuntu hardy *
Webkit Ubuntu jaunty *

References