Lucene search

[email protected]CVE-2009-0070

HistoryJan 08, 2009 - 7:30 p.m.

CVE-2009-0070

2009-01-0819:30:11

CWE-189

[email protected]

web.nvd.nist.gov

cve-2009-0070

apple safari

integer signedness error

remote attack

denial of service

application crash

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.094 Low

EPSS

Percentile

94.8%

JSON

Integer signedness error in Apple Safari allows remote attackers to read the contents of arbitrary memory locations, cause a denial of service (application crash), and probably have unspecified other impact via the array index of the arguments array in a JavaScript function, possibly a related issue to CVE-2008-2307.

Affected configurations

NVD

Node

applesafari

CPENameOperatorVersion
apple:safariapple safarieq*

CPE	Name	Operator	Version
apple:safari	apple safari	eq	*

References

exchange.xforce.ibmcloud.com/vulnerabilities/48214

www.exploit-db.com/exploits/7673

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.094 Low

EPSS

Percentile

94.8%

JSON

Related for CVE-2009-0070

prion3 cvelist3 nvd3 ubuntucve1 openvas8 fedora2 cve2 cert1 nessus7 seebug2 debiancve1