CVE-2009-1711Apple Safari vulnerability

CWE-3994 documents3 sources
Severity
9.3CRITICALNVD
EPSS
6.4%
top 8.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Safari
Timeline
PublishedJun 10
Latest updateMay 2

Description

WebKit in Apple Safari before 4.0 does not properly initialize memory for Attr DOM objects, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDapple/safari4.0_beta+25

Patches

Patch: lists.apple.comPatch: support.apple.comPatch: www.securityfocus.com

🔴Vulnerability Details

1
GHSA
GHSA-3j52-86hv-pq9m: WebKit in Apple Safari before 42022-05-02

📋Vendor Advisories

2
Ubuntu
Qt vulnerabilities2009-11-10
Ubuntu
WebKit vulnerabilities2009-09-23