CVE-2009-1711

2009-06-1000:00:00

ubuntu.com

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.024 Low

EPSS

Percentile

90.0%

JSON

WebKit in Apple Safari before 4.0 does not properly initialize memory for
Attr DOM objects, which allows remote attackers to execute arbitrary code
or cause a denial of service (application crash) via a crafted HTML
document.

Bugs

<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535793>

Notes

Author	Note
jdstrand	webkit is a fork of khtml from kdelibs. kdelibs5 is farther from it, while qt4-x11 attempts to unify khtml and webkit
mdeslaur	code does not appear present in kde4libs

OSVersionArchitecturePackageVersionFilename
ubuntu8.10noarchqt4-x11< 4.4.3-0ubuntu1.4UNKNOWN
ubuntu8.10noarchwebkit< 1.0.1-2ubuntu0.2UNKNOWN
ubuntu9.04noarchwebkit< 1.0.1-4ubuntu0.1UNKNOWN