Lucene search
Ubuntu.comUB:CVE-2009-1724HistoryJul 09, 2009 - 12:00 a.m.
CVE-2009-1724
2009-07-0900:00:00
ubuntu.com
ubuntu.com
10
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.007 Low
EPSS
Percentile
79.7%
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before
4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod
touch, and other platforms, allows remote attackers to inject arbitrary web
script or HTML via vectors related to parent and top objects.
Bugs
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538403>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538402>
- <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-1724>
Notes
| Author | Note |
|---|---|
| jdstrand | qt4-x11 unmaintained upstream (see README.webkit for details) webkit is a fork of khtml from kdelibs. kdelibs5 is farther from it, while qt4-x11 attempts to unify khtml and webkit |
| mdeslaur | although I don’t know what the upstream patch is, RH stated that it didn’t affect their kde4libs versions, so I’m removing it. can’t find info on webkit |
Related
prion
prion
Cross site scripting
2009-07-09 17:30:00
cve
cve
CVE-2009-1724
2009-07-09 17:30:00
debiancve
debiancve
CVE-2009-1724
2009-07-09 17:30:00
nessus
nessus
Safari < 4.0.2 Multiple Vulnerabilities
2009-07-09 00:00:00
Mac OS X : Apple Safari < 4.0.2
2009-07-09 00:00:00
Safari < 4.0.2 Multiple Vulnerabilities
2004-08-18 00:00:00
openvas
openvas
Apple Safari DoS or XSS Vulnerability (Jul 2009)
2009-07-12 00:00:00
Apple Safari DoS or XSS Vulnerability - July09
2009-07-12 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.007 Low
EPSS
Percentile
79.7%
Related for UB:CVE-2009-1724