CVE-2009-3384Integer Overflow or Wraparound in Apple Safari

CWE-190Integer Overflow or Wraparound5 documents4 sources
Severity
9.3CRITICALNVD
EPSS
1.3%
top 20.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Safari
Timeline
PublishedNov 13
Latest updateMay 2

Description

Multiple unspecified vulnerabilities in WebKit in Apple Safari before 4.0.4 on Windows allow remote FTP servers to execute arbitrary code, cause a denial of service (application crash), or obtain sensitive information via a crafted directory listing in a reply.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDapple/safari4.0.3+59

Patches

Patch: lists.apple.comPatch: support.apple.comPatch: lists.apple.com

🔴Vulnerability Details

1
GHSA
GHSA-j32g-6wjv-jxxr: Multiple unspecified vulnerabilities in WebKit in Apple Safari before 42022-05-02

📋Vendor Advisories

1
Red Hat
Firefox integer underflow in FTP directory list parser2009-10-27

💬Community

2
Bugzilla
CVE-2009-3384 Firefox integer underflow in FTP directory list parser2009-10-21
Bugzilla
CVE-2009-3384 WebKit, qt: Multiple security issues while handling FTP directory listings2009-09-25