Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari prior to 4.0, iPhone OS 1.0 up to and including 2.2.1, and iPhone OS for iPod touch 1.1 up to and including 2.2.1 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) by destroying a document.body element that has an unspecified XML container with elements that support the dir attribute.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple safari 3.0.4b |
||
apple safari 2.0.3 |
||
apple safari 3.0.4 |
||
apple safari 3.0.1 |
||
apple safari 2.0.1 |
||
apple safari 2.0.2 |
||
apple safari 3.0.0 |
||
apple safari 3.1.0 |
||
apple safari 3.2.0 |
||
apple safari 3.1.2 |
||
apple safari 3.0.3 |
||
apple safari 3.0.2b |
||
apple safari 2.0.4 |
||
apple safari 2.0.0 |
||
apple safari 2.0 |
||
apple safari 3.0.3b |
||
apple safari 3.0.0b |
||
apple safari 3.1.1 |
||
apple safari 3.1.0b |
||
apple safari 3.0.2 |
||
apple safari 3.0.1b |
||
apple safari |
||
apple safari 3.0 |
||
apple safari 3.2.1 |
||
apple iphone_os 1.0.2 |
||
apple iphone_os 2.2 |
||
apple iphone_os 1.1.1 |
||
apple iphone_os 2.0.0 |
||
apple iphone_os 1.1.2 |
||
apple iphone_os 1.1.3 |
||
apple iphone_os 1.1.0 |
||
apple iphone_os 1.0.1 |
||
apple iphone_os 2.1 |
||
apple iphone_os 2.2.1 |
||
apple iphone_os 2.0 |
||
apple iphone_os 1.1.5 |
||
apple iphone_os 1.0.0 |
||
apple iphone_os 2.0.2 |
||
apple iphone_os 2.1.1 |
||
apple iphone_os 1.1.4 |
||
apple iphone_os 2.0.1 |
||
apple ipod_touch |
||
apple iphone_os |