Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-1699 — XML External Entity (XXE) Injection in Apple Safari

CWE-611 — XML External Entity (XXE) Injection CWE-200 — Sensitive Information Exposure6 documents6 sources

Severity

7.5HIGHNVD

EPSS

9.3%

top 7.25%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Apple Safari Apple Iphone OS Canonical Ubuntu Linux +1 more

Timeline

PublishedJun 10

Latest updateMay 2

Description

The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read arbitrary files via a crafted DTD, as demonstrated by a file:///etc/passwd URL in an entity declaration, related to an "XXE attack."

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶NVDapple/iphone_os1.0.0 — 2.2.1

▶NVDapple/safari< 4.0

▶NVDopensuse/opensuse11.2, 11.3+1

Also affects: Ubuntu Linux 8.10, 9.04

Patches

Patch: lists.apple.com ↗Patch: support.apple.com ↗Patch: www.vupen.com ↗

🔴Vulnerability Details

GHSA

GHSA-q425-6m5x-qp5p: The XSL stylesheet implementation in WebKit in Apple Safari before 4↗2022-05-02

▶

💥Exploits & PoCs

Exploit-DB

WebKit - XML External Entity Information Disclosure↗2009-05-08

▶

📋Vendor Advisories

Ubuntu

Qt vulnerabilities↗2009-11-10

▶

📐Framework References

CWE

Improper Restriction of XML External Entity Reference↗

▶

💬Community

Bugzilla

CVE-2009-1575, CVE-2009-1576 drupal: multiple vulnerabilities in < 6.11 (SA-CORE-2009-005)↗2009-05-01

▶