Lucene search

PRIOn knowledge basePRION:CVE-2009-0945

HistoryMay 13, 2009 - 5:30 p.m.

Memory corruption

2009-05-1317:30:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.066 Low

EPSS

Percentile

93.6%

JSON

Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption.

CPENameOperatorVersion
safarile3.2.2
safarieq0.8
safarieq0.9
safarieq1.0 beta2
safarieq1.0
safarieq1.0 beta
safarieq1.0.0
safarieq1.0.0-b1
safarieq1.0.0-b2
safarieq1.0.1

Name	Operator	Version
safari	le	3.2.2
safari	eq	0.8
safari	eq	0.9
safari	eq	1.0 beta2
safari	eq	1.0
safari	eq	1.0 beta
safari	eq	1.0.0
safari	eq	1.0.0-b1
safari	eq	1.0.0-b2
safari	eq	1.0.1

Rows per page:

1-10 of 551

References

lists.apple.com/archives/security-announce/2009/Jun/msg00005.html

lists.apple.com/archives/security-announce/2009/May/msg00000.html

lists.apple.com/archives/security-announce/2009/May/msg00001.html

lists.apple.com/archives/security-announce/2009/May/msg00002.html

lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

secunia.com/advisories/35056

secunia.com/advisories/35074

secunia.com/advisories/35095

secunia.com/advisories/35576

secunia.com/advisories/35805

secunia.com/advisories/36062

secunia.com/advisories/36461

secunia.com/advisories/36790

secunia.com/advisories/37746

secunia.com/advisories/43068

support.apple.com/kb/HT3549

support.apple.com/kb/HT3550

support.apple.com/kb/HT3639

www.debian.org/security/2009/dsa-1950

www.redhat.com/support/errata/RHSA-2009-1130.html

www.securityfocus.com/archive/1/503594/100/0/threaded

www.securityfocus.com/bid/34924

www.securitytracker.com/id?1022207

www.ubuntu.com/usn/USN-822-1

www.ubuntu.com/usn/USN-836-1

www.ubuntu.com/usn/USN-857-1

www.us-cert.gov/cas/techalerts/TA09-133A.html

www.vupen.com/english/advisories/2009/1297

www.vupen.com/english/advisories/2009/1298

www.vupen.com/english/advisories/2009/1321

www.vupen.com/english/advisories/2009/1621

www.vupen.com/english/advisories/2011/0212

www.zerodayinitiative.com/advisories/ZDI-09-022

code.google.com/p/chromium/issues/detail?id=9019

exchange.xforce.ibmcloud.com/vulnerabilities/50477

googlechromereleases.blogspot.com/2009/05/stable-update-bug-fix.html

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11584

usn.ubuntu.com/823-1/

www.redhat.com/archives/fedora-package-announce/2009-July/msg00303.html

www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html

www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html

7.7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.066 Low

EPSS

Percentile

93.6%

JSON

Related for PRION:CVE-2009-0945