Lucene search

K

PRIOn knowledge basePRION:CVE-2009-1690

HistoryJun 10, 2009 - 2:30 p.m.

Design/Logic Flaw

2009-06-1014:30:00

PRIOn knowledge base

www.prio-n.com

4

8.1 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.049 Low

EPSS

Percentile

92.6%

Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to “recursion in certain DOM event handlers.”

CPENameOperatorVersion
iphone_oseq2.0.2 ipodtouch
iphone_oseq1.0.2
iphone_oseq1.0
iphone_oseq1.1.2 ipodtouch
iphone_oseq1.1.4 iphone
iphone_oseq1.1.1 iphone
iphone_oseq1.1.1
iphone_oseq1.0.1 iphone
iphone_oseq2.0.2 iphone
iphone_oseq2.2 iphone

Rows per page:

1-10 of 761

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=803

lists.apple.com/archives/security-announce/2009/jun/msg00002.html

lists.apple.com/archives/security-announce/2009/Jun/msg00005.html

lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

osvdb.org/54990

secunia.com/advisories/35379

secunia.com/advisories/36057

secunia.com/advisories/36062

secunia.com/advisories/36790

secunia.com/advisories/37746

secunia.com/advisories/43068

securitytracker.com/id?1022345

support.apple.com/kb/HT3613

support.apple.com/kb/HT3639

www.debian.org/security/2009/dsa-1950

www.mandriva.com/security/advisories?name=MDVSA-2009:330

www.securityfocus.com/bid/35260

www.ubuntu.com/usn/USN-822-1

www.ubuntu.com/usn/USN-836-1

www.ubuntu.com/usn/USN-857-1

www.vupen.com/english/advisories/2009/1522

www.vupen.com/english/advisories/2009/1621

www.vupen.com/english/advisories/2011/0212

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11009

www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html

www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html

www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html

www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html

8.1 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.049 Low

EPSS

Percentile

92.6%

Related for PRION:CVE-2009-1690

securityvulns2 debiancve1 ubuntucve1 cve1 veracode1 nessus25 chrome1 altlinux1 openvas37 oraclelinux1 debian5 centos1 osv4 redhat1 ubuntu3 fedora6 seebug1