Published: 09/07/2009 Updated: 09/08/2022

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

WebKit in Apple Safari prior to 4.0.2, as used on iPhone OS prior to 3.1, iPhone OS prior to 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple safari 3.0.4b
apple safari 2.0.3
apple safari
apple safari 3.0.4
apple safari 3.0.1
apple safari 2.0.1
apple safari 2.0.2
apple safari 3.0.0
apple safari 3.1.1
apple safari 3.1.0b
apple safari 3.0.2
apple safari 4.0.0b
apple safari 3.1.0
apple safari 4.0
apple safari 3.2.2
apple safari 3.0.3b
apple safari 3.0.0b
apple safari 3.1.2
apple safari 3.0.3
apple safari 2.0.4
apple safari 2.0.0
apple safari 2.0
apple safari 3.0.1b
apple safari 3.2.1
apple safari 3.2.0
apple safari 3.0.2b
apple safari 3.0
apple iphone_os 3.0
apple iphone_os 1.0.2
apple iphone_os 2.2
apple iphone_os
apple iphone_os 1.1.1
apple iphone_os 2.0.0
apple iphone_os 1.1.2
apple iphone_os 1.1.3
apple iphone_os 1.1.0
apple iphone_os 2.0.1
apple iphone_os 1.0.1
apple iphone_os 2.1
apple iphone_os 2.0.2
apple iphone_os 2.2.1
apple iphone_os 2.0
apple iphone_os 1.1.5
apple iphone_os 1.0.0
apple iphone_os 2.1.1
apple iphone_os 1.1.4
apple iphone_os 3.0.1
apple ipod_touch

Several vulnerabilities have been discovered in WebKit, a Web content engine library for Gtk+ The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0945 Array index error in the insertItemBefore method in WebKit, allows remote attackers to execute arbitrary code via a document with a SVGPathList data structu ...

It was discovered that WebKit did not properly handle certain SVGPathList data structures If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program (CVE-2009-0945) ...

It was discovered that QtWebKit did not properly handle certain SVGPathList data structures If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program (CVE-2009-0945) ...

Debian Bug report logs - #538346 CVE-2009-1725: WebKit in Apple Safari before 402 does not properly handle numeric Package: webkit; Maintainer for webkit is (unknown); Reported by: Luciano Bello <luciano@debianorg> Date: Sat, 25 Jul 2009 01:06:02 UTC Severity: grave Tags: patch, security Found in version 1110-2 F ...

Debian Bug report logs - #534946 webkit: CVE-2009-1698 CVE-2009-1690 CVE-2009-1687 Package: webkit; Maintainer for webkit is (unknown); Reported by: Giuseppe Iuculano <giuseppe@iuculanoit> Date: Sun, 28 Jun 2009 12:48:02 UTC Severity: grave Tags: lenny, patch, security Found in version 101-4 Fixed in versions 115-1, ...

Debian Bug report logs - #545793 CVE-2009-2700: QSslCertificate incorrect verification of SSL certificate with NUL in subjectAltName Package: qt4-x11; Maintainer for qt4-x11 is Debian Qt/KDE Maintainers <debian-qt-kde@listsdebianorg>; Reported by: Giuseppe Iuculano <giuseppe@iuculanoit> Date: Wed, 9 Sep 2009 08:00 ...

Debian Bug report logs - #535793 webkit: deluge of security vulnerabilities Package: webkit; Maintainer for webkit is (unknown); Reported by: Michael S Gilbert <michaelsgilbert@gmailcom> Date: Sun, 5 Jul 2009 05:18:04 UTC Severity: grave Tags: fixed-upstream, security Found in version 101-4 Fixed in version 1121-1 ...

CWE-189 http://support.apple.com/kb/HT3666 http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.html http://www.securityfocus.com/bid/35607 http://secunia.com/advisories/35758 http://www.securitytracker.com/id?1022526 http://osvdb.org/55739 http://www.vupen.com/english/advisories/2009/1827 http://secunia.com/advisories/36062 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html http://secunia.com/advisories/36057 http://websvn.kde.org/?view=rev&revision=1002164 https://bugzilla.redhat.com/show_bug.cgi?id=513813 http://websvn.kde.org/?view=rev&revision=1002162 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00931.html http://websvn.kde.org/?view=rev&revision=1002163 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00933.html http://secunia.com/advisories/36347 http://support.apple.com/kb/HT3860 http://secunia.com/advisories/36677 http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html http://www.debian.org/security/2009/dsa-1950 http://secunia.com/advisories/37746 http://www.mandriva.com/security/advisories?name=MDVSA-2009:330 http://www.ubuntu.com/usn/USN-857-1 http://secunia.com/advisories/36790 http://www.ubuntu.com/usn/USN-836-1 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/43068 http://www.vupen.com/english/advisories/2011/0212 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5777 https://nvd.nist.gov https://www.debian.org/security/./dsa-1950 https://usn.ubuntu.com/836-1/

Get Started

CVE-2009-1725

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect