CVE-2009-0945

CVSS V2 High 9.3 CVSS V3 None
Description
Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption.
Overview
  • CVE ID
  • CVE-2009-0945
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Modified
  • Published Version
  • 2009-05-13T17:30:00
  • Last Modified Date
  • 2018-10-10T19:32:26
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:* 0 OR
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* 1 OR 3.2.2
cpe:2.3:a:apple:safari:0.8:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:0.9:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.0.3:85.8:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.3.2:312.5:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:1.3.2:312.6:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apple:safari:4.0:beta:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:M/Au:N/C:C/I:C/A:C
  • Access Vector
  • NETWORK
  • Access Compatibility
  • MEDIUM
  • Authentication
  • NONE
  • Confidentiality Impact
  • COMPLETE
  • Integrity Impact
  • COMPLETE
  • Availability Impact
  • COMPLETE
  • Base Score
  • 9.3
  • Severity
  • HIGH
  • Exploitability Score
  • 8.6
  • Impact Score
  • 10
References
Reference URL Reference Tags
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html Patch Vendor Advisory
http://lists.apple.com/archives/security-announce/2009/May/msg00001.html Patch Vendor Advisory
http://support.apple.com/kb/HT3549 Patch Vendor Advisory
http://lists.apple.com/archives/security-announce/2009/May/msg00000.html Patch Vendor Advisory
http://support.apple.com/kb/HT3550
http://www.securitytracker.com/id?1022207
http://secunia.com/advisories/35056
http://www.vupen.com/english/advisories/2009/1298
http://www.vupen.com/english/advisories/2009/1297
http://www.us-cert.gov/cas/techalerts/TA09-133A.html US Government Resource
http://secunia.com/advisories/35074
http://googlechromereleases.blogspot.com/2009/05/stable-update-bug-fix.html
http://www.vupen.com/english/advisories/2009/1321
http://code.google.com/p/chromium/issues/detail?id=9019
http://secunia.com/advisories/35095
http://www.zerodayinitiative.com/advisories/ZDI-09-022
http://www.vupen.com/english/advisories/2009/1621
http://support.apple.com/kb/HT3639
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
http://www.securityfocus.com/bid/34924
http://www.redhat.com/support/errata/RHSA-2009-1130.html
http://secunia.com/advisories/35576
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00303.html
http://secunia.com/advisories/35805
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html
http://secunia.com/advisories/36062
http://secunia.com/advisories/36461
http://www.ubuntu.com/usn/USN-822-1
http://secunia.com/advisories/37746
http://www.debian.org/security/2009/dsa-1950
http://www.ubuntu.com/usn/USN-857-1
http://www.ubuntu.com/usn/USN-836-1
http://secunia.com/advisories/36790
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://secunia.com/advisories/43068
http://www.vupen.com/english/advisories/2011/0212
https://exchange.xforce.ibmcloud.com/vulnerabilities/50477
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11584
https://usn.ubuntu.com/823-1/
http://www.securityfocus.com/archive/1/503594/100/0/threaded
History
Created Old Value New Value Data Type Notes
2022-05-10 18:33:15 Added to TrackCVE