Action not permitted
Modal body text goes here.
cve-2009-1709
Vulnerability from cvelistv5
Published
2009-06-10 17:37
Modified
2024-08-07 05:20
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches."
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:20:35.242Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-034/"
},
{
"name": "43068",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43068"
},
{
"name": "ADV-2011-0212",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0212"
},
{
"name": "APPLE-SA-2009-06-08-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"name": "35260",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35260"
},
{
"name": "oval:org.mitre.oval:def:10162",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162"
},
{
"name": "RHSA-2009:1130",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1130.html"
},
{
"name": "35576",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35576"
},
{
"name": "ADV-2009-1522",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"name": "1022345",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022345"
},
{
"name": "35334",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35334"
},
{
"name": "55013",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/55013"
},
{
"name": "36461",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36461"
},
{
"name": "USN-823-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/823-1/"
},
{
"name": "SUSE-SR:2011:002",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"name": "35379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35379"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3613"
},
{
"name": "MDVSA-2010:182",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified \"caches.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-034/"
},
{
"name": "43068",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43068"
},
{
"name": "ADV-2011-0212",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0212"
},
{
"name": "APPLE-SA-2009-06-08-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"name": "35260",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35260"
},
{
"name": "oval:org.mitre.oval:def:10162",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162"
},
{
"name": "RHSA-2009:1130",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1130.html"
},
{
"name": "35576",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35576"
},
{
"name": "ADV-2009-1522",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"name": "1022345",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022345"
},
{
"name": "35334",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35334"
},
{
"name": "55013",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/55013"
},
{
"name": "36461",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36461"
},
{
"name": "USN-823-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/823-1/"
},
{
"name": "SUSE-SR:2011:002",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"name": "35379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35379"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3613"
},
{
"name": "MDVSA-2010:182",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1709",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified \"caches.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-09-034/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-034/"
},
{
"name": "43068",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43068"
},
{
"name": "ADV-2011-0212",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0212"
},
{
"name": "APPLE-SA-2009-06-08-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"name": "35260",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35260"
},
{
"name": "oval:org.mitre.oval:def:10162",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162"
},
{
"name": "RHSA-2009:1130",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1130.html"
},
{
"name": "35576",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35576"
},
{
"name": "ADV-2009-1522",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"name": "1022345",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022345"
},
{
"name": "35334",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35334"
},
{
"name": "55013",
"refsource": "OSVDB",
"url": "http://osvdb.org/55013"
},
{
"name": "36461",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36461"
},
{
"name": "USN-823-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/823-1/"
},
{
"name": "SUSE-SR:2011:002",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"name": "35379",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35379"
},
{
"name": "http://support.apple.com/kb/HT3613",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3613"
},
{
"name": "MDVSA-2010:182",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1709",
"datePublished": "2009-06-10T17:37:00",
"dateReserved": "2009-05-20T00:00:00",
"dateUpdated": "2024-08-07T05:20:35.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2009-1709\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-06-10T18:00:00.733\",\"lastModified\":\"2018-10-03T22:00:30.780\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified \\\"caches.\\\"\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de uso despu\u00e9s de la liberaci\u00f3n en la implementaci\u00f3n de la recolecci\u00f3n de basura en WebCore en WebKit en Apple Safari anteriores a v4.0 que permite a los atacantes remotos ejecutar arbitrariamente c\u00f3digo o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria din\u00e1mica y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un elemento de animaci\u00f3n SVG, en relaci\u00f3n a objetos establecidos SVG, elementos indicadores SVG, el atributo targetElement, y \\\"caches\\\" no especificadas.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":9.3},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:*:-:mac:*:*:*:*:*\",\"versionEndIncluding\":\"4.0_beta\",\"matchCriteriaId\":\"D72FE38B-BD04-4FC7-AE41-6459CBDF207A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:0.8:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"7F7275FE-C28A-4067-B9EF-BC99E10188DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:0.9:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"E2249206-EF91-4168-B7C2-C1DB35CDFA40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:1.0:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"641D655F-E210-4795-836C-BBF6D90B92E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:1.0.3:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"A6EED222-BF5E-475A-B255-18041B4A5B26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:1.1:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"1FC456E7-727C-4932-A0D0-B0D168E8C523\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:1.2:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"303E4616-1BB6-4D2D-8437-47F3D1B3C13D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:1.3:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"03C2A522-2D71-4909-B86F-DBEE2C703F83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:1.3.1:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"E75B3EAD-A9D3-4497-B3B0-E31E807010A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:1.3.2:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"F837BE0E-9255-41C5-8E49-57090A574A9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:2.0:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"B8870C90-A1C9-4D8C-B1EF-9D72D55535EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:2.0.2:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"586ED537-9BB4-4931-8891-E60740983C4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:2.0.4:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"73B23547-9710-44E9-A32A-6320C8E7A780\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.0:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"EBFEED2C-8822-44EB-9296-82862DB14DCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.0.2:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"9270F5C4-63B9-48C5-9D6D-9CDA1461205C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.0.3:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"FD35EC3D-01E2-4FA7-95AC-A2E57C652649\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.0.4:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"C23C022E-293E-4247-A9AD-2F27C29E92A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.1:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"75359A0E-823A-45C5-8C61-ABE225FB939F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.1.1:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"8CFED254-6277-4E5E-B8E7-B5CB1ED3E7FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.1.2:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"F8283078-D722-40AC-AF7A-7BC9AD19D051\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.2.1:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"66132AA6-F3EA-408D-9C43-8E6C577C8F72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.2.3:-:mac:*:*:*:*:*\",\"matchCriteriaId\":\"D8CFE8E7-B970-4B86-99E9-AC3F8626737C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:*:-:windows:*:*:*:*:*\",\"versionEndIncluding\":\"3.2.3\",\"matchCriteriaId\":\"7E203D81-FABE-4A63-8930-1DA15A86E113\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.0:-:windows:*:*:*:*:*\",\"matchCriteriaId\":\"49875E29-AA30-4D96-9ED9-538823DD5E1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.0.1:-:windows:*:*:*:*:*\",\"matchCriteriaId\":\"D6C733F3-F5D4-4CF1-866D-61FF9D81D1B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.0.2:-:windows:*:*:*:*:*\",\"matchCriteriaId\":\"C5471735-D9C0-491B-9A6A-07B39AA215CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.0.3:-:windows:*:*:*:*:*\",\"matchCriteriaId\":\"1E5C52F3-2109-40FD-9945-A9A9D42C076E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.0.4:-:windows:*:*:*:*:*\",\"matchCriteriaId\":\"151DEB6D-5857-4B0B-8449-5735768024A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.1:-:windows:*:*:*:*:*\",\"matchCriteriaId\":\"AC7E7F65-8F3B-42F8-8B2D-9EA1CC4A4300\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.1.1:-:windows:*:*:*:*:*\",\"matchCriteriaId\":\"476EBE1F-66E1-4EF5-8344-BEDA97F306A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.1.2:-:windows:*:*:*:*:*\",\"matchCriteriaId\":\"480ED2AC-0DA4-44DA-A902-8534335077B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.2:-:windows:*:*:*:*:*\",\"matchCriteriaId\":\"77F31F4B-5305-4D75-9277-95EF99A969A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.2.1:-:windows:*:*:*:*:*\",\"matchCriteriaId\":\"C9AD216D-0C95-4843-A1A1-C3C9A6219277\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:3.2.2:-:windows:*:*:*:*:*\",\"matchCriteriaId\":\"04B8652D-BE06-49CB-A636-8B53B2DF9168\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/55013\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/35379\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/35576\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/36461\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/43068\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1022345\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.apple.com/kb/HT3613\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:182\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2009-1130.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/35260\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/35334\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/1522\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0212\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-09-034/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/823-1/\",\"source\":\"cve@mitre.org\"}]}}"
}
}
var-200901-0719
Vulnerability from variot
Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches.". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.The specific flaw exists in the garbage collection of JavaScript set elements in WebCore. When an SVG set object is appended to an SVG marker element that is dereferenced, calls to the targetElement attribute will fail to reference count the marker element. When the set element is appended to another object, subsequent calls to the targetElement attribute will result in a heap corruption which can be leveraged to execute arbitrary code under the context of the current user. WebKit is prone to a remote code-execution vulnerability. Failed exploit attempts will result in a denial-of-service condition. NOTE: This issue was previously covered in BID 35260 (Apple Safari Prior to 4.0 Multiple Security Vulnerabilities), but has been assigned its own record to better document it. WebKit is an open source web browser engine currently used by browsers such as Safari and Chrome. =========================================================== Ubuntu Security Notice USN-823-1 August 24, 2009 kdegraphics vulnerabilities CVE-2009-0945, CVE-2009-1709 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 8.04 LTS: ksvg 4:3.5.10-0ubuntu1~hardy1.1
After a standard system upgrade you need to restart your session to effect the necessary changes.
Details follow:
It was discovered that KDE-Graphics did not properly handle certain malformed SVG images.
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics_3.5.10-0ubuntu1~hardy1.1.diff.gz
Size/MD5: 855597 2ce6d700dbb5c1ed0adfd4d1264713ea
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics_3.5.10-0ubuntu1~hardy1.1.dsc
Size/MD5: 1523 3f59822daa292354c1a068b20e6d4d11
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics_3.5.10.orig.tar.gz
Size/MD5: 9033567 a5df57c0533ba1978ba7f5c375f3b8e2
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kdegraphics-doc-html_3.5.10-0ubuntu1~hardy1.1_all.deb
Size/MD5: 148228 8c48a5c6e73f61613275d4c322740761
http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kdegraphics_3.5.10-0ubuntu1~hardy1.1_all.deb
Size/MD5: 15676 9754496d16002d753df1faf142146983
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kamera_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 91118 abef1540cdffd100731aa22dd8c3b347
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-dbg_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 24851972 c6eab2f11115d68fd401092efd9ba0ec
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-dev_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 81740 e14c17a3bed21e88bcb41bbb471251ae
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 301554 23fa6907d9f6a78973c519f2c29eddeb
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kfaxview_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 99112 b26131b0a1db75624913df503413eb35
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kghostview_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 241582 d79b4abf45b1120153231888e9369b27
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kmrml_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 243856 4617f4efe70c3d2334dbf3815b26b080
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kooka_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 756496 fe6b36367b8160192d243f44c8d7959c
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kpdf_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 349032 951323e154abeb8ff0b1d5990a3356d9
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kpovmodeler_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 2341164 898b02269693c1dc9d4e85eacdb991fe
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/ksnapshot_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 174080 f880c10ee8abcc5971d4d71cfbd5a789
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/ksvg_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 1280720 6a2768a71394f74ed4fdd8b154014fb7
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kview_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 428970 ccc8c86963b89ac3f806ff0b915ac6b8
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kviewshell_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 846094 ecda53751ab05f59428df9db44d153b9
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/libkscan-dev_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 1844 7066cb7dd5bc5b52a4f8579e23b8c1fc
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/libkscan1_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 142682 04d14b576294367b82cf7f3dcbd0ca61
http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kcoloredit_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 108744 4f59b8fbd87d2e2c2dd12f02dee15893
http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kdvi_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 525376 f259112b9c05caa00de335b5fc2a4e35
http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kfax_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 147818 42b1730925c9d53e51ede12887eb60da
http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kgamma_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 77926 56d949ef7c22725ea10e798d09b570d8
http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kiconedit_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 183782 6eaef2a0b5dfea5c277681eae394389f
http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kolourpaint_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 1105220 4f71d3e5e84648b2f8fb662c7bdd8721
http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kruler_3.5.10-0ubuntu1~hardy1.1_amd64.deb
Size/MD5: 65914 c2a4c7ef659d47bcac41429c81e8035e
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kamera_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 85788 53be85a3920683eda23b432f57acd796
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-dbg_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 24304626 2b3be6612267da16ab97b35e89b9471b
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-dev_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 81748 7e9a1ca18216f45cb27d3b11d45f09bb
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 257800 95f21ec8cf903152c389d7a2e7cf48f6
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kfaxview_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 94336 768adaaa0d41b35b86045017f37cde7d
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kghostview_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 230324 b22891898ec973c4e86c4622b8e18f91
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kmrml_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 219756 517cfb5a18459f7f67df3f7bd0755a48
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kooka_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 740916 8a45e2620184dd7eacf8eafcfe4f660d
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kpdf_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 330956 68041c2a4e20586ac770877585b5d77e
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kpovmodeler_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 2204438 240cba9a4bcb16ba9237297e02614857
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/ksnapshot_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 170214 53c2b16e78f9e398158a7111d1ad11df
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/ksvg_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 1239112 53012b575051578597258b126dff3b49
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kview_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 387384 b56cb31d40f545c88100bfa030ae0ab9
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kviewshell_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 776140 d848385988e6b5bc513e4d12f4d7af82
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/libkscan-dev_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 1842 b20aa9d301448add14cb5c9c5457b979
http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/libkscan1_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 130190 b26befcc538142491521783fc01aacef
http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kcoloredit_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 100774 105aace69481c23b1a5b735324411da0
http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kdvi_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 511044 fccefc6eeed48f4366be4940da3964fe
http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kfax_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 143354 908f3178d759ecf90ff53131ec9d67a6
http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kgamma_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 74352 bc89f12091e5a09fc267f540b5245c2f
http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kiconedit_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 172366 25c5a1925b01d6ffd3ee9c02a17a8fc4
http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kolourpaint_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 1064362 1851b039bac9321ca8f5e0e052e58b99
http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kruler_3.5.10-0ubuntu1~hardy1.1_i386.deb
Size/MD5: 64086 5c64a636e7acbcf6cd11162764950d3b
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/kdegraphics/kamera_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 86070 5dc2774b81dddd388cde34c5d4ca0ddb
http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-dbg_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 24351384 15a94944aeb9304e179348be29381238
http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-dev_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 81752 3030ff1d36cfe6ca7f861f8be8683e97
http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 258026 fc8db1d46249b1fcee9bb847863bb835
http://ports.ubuntu.com/pool/main/k/kdegraphics/kfaxview_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 94502 420687d63f968021285df74ad432fdd6
http://ports.ubuntu.com/pool/main/k/kdegraphics/kghostview_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 228460 0df599c4953a42cb9af25095ecd73968
http://ports.ubuntu.com/pool/main/k/kdegraphics/kmrml_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 218950 c20e72957108373ec48c91b7fa8e8767
http://ports.ubuntu.com/pool/main/k/kdegraphics/kooka_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 742730 5803e967672c4f199be5e8a322ca6960
http://ports.ubuntu.com/pool/main/k/kdegraphics/kpdf_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 330260 0984f2faadeda3c0c81527a93ec25ef3
http://ports.ubuntu.com/pool/main/k/kdegraphics/kpovmodeler_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 2201702 17148aab651d8b05e4c93bf0f2d391c4
http://ports.ubuntu.com/pool/main/k/kdegraphics/ksnapshot_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 169790 5ea61da51979d8f9924c7916cf780178
http://ports.ubuntu.com/pool/main/k/kdegraphics/ksvg_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 1233850 48432d230e652ea2cde954cc45c9c28e
http://ports.ubuntu.com/pool/main/k/kdegraphics/kview_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 384086 207ba362f7e4239b55b2dac3046858a0
http://ports.ubuntu.com/pool/main/k/kdegraphics/kviewshell_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 776560 1d201d86fbeea107b2aad2cb2400fc37
http://ports.ubuntu.com/pool/main/k/kdegraphics/libkscan-dev_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 1842 8df7be1bc072ba4ff273b03c5b19e819
http://ports.ubuntu.com/pool/main/k/kdegraphics/libkscan1_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 129570 64052cec559b5767aade626217b8bcd7
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kcoloredit_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 101256 e3658bf00d56721d2da85ca3660a506b
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kdvi_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 513070 54020e97a43eede6b305de18200a2488
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kfax_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 144298 2034357eddd9a4cb52f8f54e5561ba63
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kgamma_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 74600 ed7e4c54a488bb79332d64a045accf98
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kiconedit_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 172846 d5a69b17755c86f324fec2246bccc87d
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kolourpaint_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 1064046 017762a5bebef4487f39a366d1cad312
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kruler_3.5.10-0ubuntu1~hardy1.1_lpia.deb
Size/MD5: 63990 5c84f27036378f9af9433ac37cc974cf
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/kdegraphics/kamera_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 91948 e0bb55a2bdb1d154998fe9c7134aeef0
http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-dbg_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 25632492 982599c525a707753babdba69be52942
http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-dev_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 81758 dc2736841857f69cc382449c9e32393c
http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 336510 d20fb086662c92a1a85c46e99f90969b
http://ports.ubuntu.com/pool/main/k/kdegraphics/kfaxview_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 102892 4f46136b41f2113c5fee391205d9d71c
http://ports.ubuntu.com/pool/main/k/kdegraphics/kghostview_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 240014 4958424bfb1e78f61cbe23dad1ad167d
http://ports.ubuntu.com/pool/main/k/kdegraphics/kmrml_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 247146 493a10260793626081a521296f7be5ee
http://ports.ubuntu.com/pool/main/k/kdegraphics/kooka_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 755698 c7bc281bfdab14b32f10599ef88b3c7c
http://ports.ubuntu.com/pool/main/k/kdegraphics/kpdf_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 350586 5cfa544547a2d3c9045d4cb35d302ae5
http://ports.ubuntu.com/pool/main/k/kdegraphics/kpovmodeler_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 2301042 ad7f27f34aafe49fe1c2997e3f75ea49
http://ports.ubuntu.com/pool/main/k/kdegraphics/ksnapshot_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 176980 6c7197638796a81c6e6464e96b9c575d
http://ports.ubuntu.com/pool/main/k/kdegraphics/ksvg_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 1335906 3cb7c32d633955d3dd5c8d78b9f8c93e
http://ports.ubuntu.com/pool/main/k/kdegraphics/kview_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 443116 a07748f9ebe7156f4513138395f17aa2
http://ports.ubuntu.com/pool/main/k/kdegraphics/kviewshell_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 831266 e95881ef6279a70b3ec7aa1fa10231ae
http://ports.ubuntu.com/pool/main/k/kdegraphics/libkscan-dev_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 1844 99b1bf1059675540d7765898c26dbff3
http://ports.ubuntu.com/pool/main/k/kdegraphics/libkscan1_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 137596 ecb9f47360d9a8518a3262fb7b3c8f78
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kcoloredit_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 111332 c3243de9d689a670cbc45f27c31c8524
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kdvi_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 529446 af7a701269708c45bfdb07de5594d901
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kfax_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 150738 7a016034d38ddde02edca41118c794bd
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kgamma_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 79102 a82657bbda43c62efc264f0bc208ee5a
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kiconedit_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 184020 457c16d19ed7410f817037fb58a1255b
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kolourpaint_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 1078896 962a7d823a4661745503cf7cad02c20d
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kruler_3.5.10-0ubuntu1~hardy1.1_powerpc.deb
Size/MD5: 67866 3e4c53ef4cde081bf9f574f2519def1e
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/kdegraphics/kamera_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 83866 cbaa71c066561b83a323af6a590664d7
http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-dbg_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 24348032 2754a596f5c685aa9219f7f56bee3b30
http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-dev_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 81750 c0e36be365dff7b385690b8012501c26
http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 260116 bf4ee3267d0a210a3d5fff19303b8f34
http://ports.ubuntu.com/pool/main/k/kdegraphics/kfaxview_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 92776 a7c707629eafd6fd431e6a650fbac5be
http://ports.ubuntu.com/pool/main/k/kdegraphics/kghostview_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 226558 3ac2a71cd980fdf5d900846a371f14ae
http://ports.ubuntu.com/pool/main/k/kdegraphics/kmrml_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 219676 d28df83337830bab08729b8f94fc033f
http://ports.ubuntu.com/pool/main/k/kdegraphics/kooka_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 742670 9179a1326aa6432e0e4e3759e208b4d1
http://ports.ubuntu.com/pool/main/k/kdegraphics/kpdf_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 331092 88a715409b9c1bc015420295eabc6ee1
http://ports.ubuntu.com/pool/main/k/kdegraphics/kpovmodeler_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 2258850 79f901432f73373a28b77479477246bd
http://ports.ubuntu.com/pool/main/k/kdegraphics/ksnapshot_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 171042 773130f71a0952dad31b0c6c234c71da
http://ports.ubuntu.com/pool/main/k/kdegraphics/ksvg_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 1299618 a91476637867effa378b7b9e9d69df8f
http://ports.ubuntu.com/pool/main/k/kdegraphics/kview_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 382468 cf37a8a67930633e4cc620943303f21d
http://ports.ubuntu.com/pool/main/k/kdegraphics/kviewshell_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 783416 9b95823311c16e4d60fb33f964dc20c8
http://ports.ubuntu.com/pool/main/k/kdegraphics/libkscan-dev_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 1844 e936526996a56fd4b75c15839b730d89
http://ports.ubuntu.com/pool/main/k/kdegraphics/libkscan1_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 127684 eafaad98a0b1e37beb534d046bf44e78
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kcoloredit_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 100906 5a95d17f36487dd23a28a8a4fb7ae28b
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kdvi_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 516752 f47caeef90291df73353dda3ce0b161d
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kfax_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 144748 7765211ed85bf307ae9d9b6ab9351d7e
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kgamma_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 74212 1011fcfbb859742c76dc97fb73b5dc08
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kiconedit_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 173242 50ab9248cd7ff049fde225bc3104c1bb
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kolourpaint_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 1052678 e8cb038cb06e5f288f9ab8b500ea1b42
http://ports.ubuntu.com/pool/universe/k/kdegraphics/kruler_3.5.10-0ubuntu1~hardy1.1_sparc.deb
Size/MD5: 63748 c05e6e11a40ab7c7734611c6b2d26c17
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2009:331 http://www.mandriva.com/security/
Package : kdegraphics Date : December 10, 2009 Affected: Corporate 4.0
Problem Description:
Multiple vulnerabilities has been found and corrected in kdegraphics:
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) setBitmap and (2) readSymbolDictSeg (CVE-2009-0146).
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier allow remote attackers to cause a denial of service (crash) via a crafted PDF file (CVE-2009-0147).
The JBIG2 decoder in Xpdf 3.02pl2 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory (CVE-2009-0166). NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-0791). (CVE-2009-1709).
This update provides a solution to this vulnerability.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0791 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0945 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1709
Updated Packages:
Corporate 4.0: 0ec7bf7b568cd017c976b581046a4665 corporate/4.0/i586/kdegraphics-3.5.4-0.9.20060mlcs4.i586.rpm 32bf2180033208d0d7fb98a1670f76ef corporate/4.0/i586/kdegraphics-common-3.5.4-0.9.20060mlcs4.i586.rpm fc4d07f38b7c38a41924a87d1da87a7b corporate/4.0/i586/kdegraphics-kcolorchooser-3.5.4-0.9.20060mlcs4.i586.rpm 60ac7ec91991f24378608445602156b4 corporate/4.0/i586/kdegraphics-kcoloredit-3.5.4-0.9.20060mlcs4.i586.rpm e23a46f8928ff9bf43dfb85d030d66f4 corporate/4.0/i586/kdegraphics-kdvi-3.5.4-0.9.20060mlcs4.i586.rpm 0da4d8567fd0102fa3b71e14d7e77cce corporate/4.0/i586/kdegraphics-kfax-3.5.4-0.9.20060mlcs4.i586.rpm 71e5fc67191644df05dc3eeaf3eea182 corporate/4.0/i586/kdegraphics-kghostview-3.5.4-0.9.20060mlcs4.i586.rpm 5f712336e95e534ee5438bd6b601a6d5 corporate/4.0/i586/kdegraphics-kiconedit-3.5.4-0.9.20060mlcs4.i586.rpm b37b6097ac674ebc3296125ed1c33615 corporate/4.0/i586/kdegraphics-kolourpaint-3.5.4-0.9.20060mlcs4.i586.rpm d873b5de956fa6f936135a0046387bf1 corporate/4.0/i586/kdegraphics-kooka-3.5.4-0.9.20060mlcs4.i586.rpm 2474e300ccd833db71a756b34d9fec94 corporate/4.0/i586/kdegraphics-kpdf-3.5.4-0.9.20060mlcs4.i586.rpm 0454ff14fce7eda256890967555693bb corporate/4.0/i586/kdegraphics-kpovmodeler-3.5.4-0.9.20060mlcs4.i586.rpm bd79021aab7f406657774da069cc677d corporate/4.0/i586/kdegraphics-kruler-3.5.4-0.9.20060mlcs4.i586.rpm 5ab29c519209bc802613729896d84c63 corporate/4.0/i586/kdegraphics-ksnapshot-3.5.4-0.9.20060mlcs4.i586.rpm 771cf8aa682b615babcc8748cc09f4a9 corporate/4.0/i586/kdegraphics-ksvg-3.5.4-0.9.20060mlcs4.i586.rpm 1445a204c7aa0dae1eefab7b0d5f5839 corporate/4.0/i586/kdegraphics-kuickshow-3.5.4-0.9.20060mlcs4.i586.rpm fbd113f1442541e0cb05b624a2e08c74 corporate/4.0/i586/kdegraphics-kview-3.5.4-0.9.20060mlcs4.i586.rpm 94dec05663eb9499d974ba3d6b14e885 corporate/4.0/i586/kdegraphics-mrmlsearch-3.5.4-0.9.20060mlcs4.i586.rpm 86ca6e187a798897c25d5c9a66112b96 corporate/4.0/i586/libkdegraphics0-common-3.5.4-0.9.20060mlcs4.i586.rpm ed07099f0f6983c87188cd7cbe6fa4f5 corporate/4.0/i586/libkdegraphics0-common-devel-3.5.4-0.9.20060mlcs4.i586.rpm 978a543e6af07842a0facab486419848 corporate/4.0/i586/libkdegraphics0-kghostview-3.5.4-0.9.20060mlcs4.i586.rpm 9a7f4cf394eda5f91fe2d288bf6f6248 corporate/4.0/i586/libkdegraphics0-kghostview-devel-3.5.4-0.9.20060mlcs4.i586.rpm c47855bb4af164237de071eca478b852 corporate/4.0/i586/libkdegraphics0-kooka-3.5.4-0.9.20060mlcs4.i586.rpm 61361d801c9e0bfc677147a0ebed83cc corporate/4.0/i586/libkdegraphics0-kooka-devel-3.5.4-0.9.20060mlcs4.i586.rpm 78333238aa1949fbd32f4bbe17587819 corporate/4.0/i586/libkdegraphics0-kpovmodeler-3.5.4-0.9.20060mlcs4.i586.rpm cd42ba63d5df96750d5e0b65662a16c7 corporate/4.0/i586/libkdegraphics0-kpovmodeler-devel-3.5.4-0.9.20060mlcs4.i586.rpm 45077a5366e72fd55f7ddf819ce087f9 corporate/4.0/i586/libkdegraphics0-ksvg-3.5.4-0.9.20060mlcs4.i586.rpm efbe90c91e2762073332c0994bdf0349 corporate/4.0/i586/libkdegraphics0-ksvg-devel-3.5.4-0.9.20060mlcs4.i586.rpm 4acdcf255082a2bb7328a4ac805dbcaa corporate/4.0/i586/libkdegraphics0-kview-3.5.4-0.9.20060mlcs4.i586.rpm fddafb351cdd4da03e33f08d4af73622 corporate/4.0/i586/libkdegraphics0-kview-devel-3.5.4-0.9.20060mlcs4.i586.rpm 64deef0a4a406a04f476f5263478d2e3 corporate/4.0/SRPMS/kdegraphics-3.5.4-0.9.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 0fd67ad8a003f2cc7b4b5b0f295af59e corporate/4.0/x86_64/kdegraphics-3.5.4-0.9.20060mlcs4.x86_64.rpm 1e62299bf29230174331f43de7215366 corporate/4.0/x86_64/kdegraphics-common-3.5.4-0.9.20060mlcs4.x86_64.rpm a9c5b4e3f0db3db937261c8f504c44ca corporate/4.0/x86_64/kdegraphics-kcolorchooser-3.5.4-0.9.20060mlcs4.x86_64.rpm 0c0cfaf7fb1fe22bac1740425df135b2 corporate/4.0/x86_64/kdegraphics-kcoloredit-3.5.4-0.9.20060mlcs4.x86_64.rpm 9e961f83cdc9734007f9d5a90f4c888c corporate/4.0/x86_64/kdegraphics-kdvi-3.5.4-0.9.20060mlcs4.x86_64.rpm a7a5204dadd20443f879cc696906ed70 corporate/4.0/x86_64/kdegraphics-kfax-3.5.4-0.9.20060mlcs4.x86_64.rpm 1bfb78ecd8e44dc61c48dad786238bad corporate/4.0/x86_64/kdegraphics-kghostview-3.5.4-0.9.20060mlcs4.x86_64.rpm ddf5c19dbfcc64bb227173cb331dd661 corporate/4.0/x86_64/kdegraphics-kiconedit-3.5.4-0.9.20060mlcs4.x86_64.rpm 3b77da395b388a38a39805244ffb45dc corporate/4.0/x86_64/kdegraphics-kolourpaint-3.5.4-0.9.20060mlcs4.x86_64.rpm 52a4a93e2655edafc36d2e75c4adacb0 corporate/4.0/x86_64/kdegraphics-kooka-3.5.4-0.9.20060mlcs4.x86_64.rpm 6f4cdfee02441d22543b93252023490c corporate/4.0/x86_64/kdegraphics-kpdf-3.5.4-0.9.20060mlcs4.x86_64.rpm e7351156f775cda56b9a026d6d230b66 corporate/4.0/x86_64/kdegraphics-kpovmodeler-3.5.4-0.9.20060mlcs4.x86_64.rpm 54062812371d272f1f7115143d750d18 corporate/4.0/x86_64/kdegraphics-kruler-3.5.4-0.9.20060mlcs4.x86_64.rpm 7967101313636798c9e67d7d6d9f7e8e corporate/4.0/x86_64/kdegraphics-ksnapshot-3.5.4-0.9.20060mlcs4.x86_64.rpm db3dc6a00c46848ae9a31f8db2adb76b corporate/4.0/x86_64/kdegraphics-ksvg-3.5.4-0.9.20060mlcs4.x86_64.rpm 7bf017292f4ea7eb0007e30ee5f7ea06 corporate/4.0/x86_64/kdegraphics-kuickshow-3.5.4-0.9.20060mlcs4.x86_64.rpm ea3a9b102557f7b71e5988b11812fb9d corporate/4.0/x86_64/kdegraphics-kview-3.5.4-0.9.20060mlcs4.x86_64.rpm 49ce4f2918d3ca3a726f157db4e326ff corporate/4.0/x86_64/kdegraphics-mrmlsearch-3.5.4-0.9.20060mlcs4.x86_64.rpm 37962c005b21c9f034168193ac143686 corporate/4.0/x86_64/lib64kdegraphics0-common-3.5.4-0.9.20060mlcs4.x86_64.rpm 78bc99fdf48570c57b8d8e04578d0b0f corporate/4.0/x86_64/lib64kdegraphics0-common-devel-3.5.4-0.9.20060mlcs4.x86_64.rpm f2627650fccc5194666844f18ff6a2e9 corporate/4.0/x86_64/lib64kdegraphics0-kghostview-3.5.4-0.9.20060mlcs4.x86_64.rpm d6031ac8e48c554df0456a5c6ca25a6c corporate/4.0/x86_64/lib64kdegraphics0-kghostview-devel-3.5.4-0.9.20060mlcs4.x86_64.rpm e485c792b85edd25c29025900c71d9a5 corporate/4.0/x86_64/lib64kdegraphics0-kooka-3.5.4-0.9.20060mlcs4.x86_64.rpm c9d19e68cc7d9b1c17fce9f572c063d7 corporate/4.0/x86_64/lib64kdegraphics0-kooka-devel-3.5.4-0.9.20060mlcs4.x86_64.rpm c984a53011f393d7cbb6f2cc0774efa3 corporate/4.0/x86_64/lib64kdegraphics0-kpovmodeler-3.5.4-0.9.20060mlcs4.x86_64.rpm 8d1c6a2c8eaf161632f5a333bd1639d8 corporate/4.0/x86_64/lib64kdegraphics0-kpovmodeler-devel-3.5.4-0.9.20060mlcs4.x86_64.rpm 0f066ee3e189779638a4c5d7c6d08b78 corporate/4.0/x86_64/lib64kdegraphics0-ksvg-3.5.4-0.9.20060mlcs4.x86_64.rpm 7efa7c6905de7b624e95ea8ba16088d8 corporate/4.0/x86_64/lib64kdegraphics0-ksvg-devel-3.5.4-0.9.20060mlcs4.x86_64.rpm e407dc0360d9108ce56b58b0bbce8d7e corporate/4.0/x86_64/lib64kdegraphics0-kview-3.5.4-0.9.20060mlcs4.x86_64.rpm a1227e9c72b228994582c91678763e1e corporate/4.0/x86_64/lib64kdegraphics0-kview-devel-3.5.4-0.9.20060mlcs4.x86_64.rpm 64deef0a4a406a04f476f5263478d2e3 corporate/4.0/SRPMS/kdegraphics-3.5.4-0.9.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
iD8DBQFLIQ2nmqjQ0CJFipgRAtveAKDD76Mn1SvVN71DMEESnFqN7Qk5+wCdGGMa H2tf9QJ8H8rPmPybWHl8Yxs= =DMWI -----END PGP SIGNATURE----- . ZDI-09-034: Apple Safari SVG Set.targetElement() Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-034 June 8, 2009
-- CVE ID: CVE-2009-1709
-- Affected Vendors: Apple
-- Affected Products: Apple Safari
-- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 6569.
-- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at:
http://support.apple.com/kb/HT3613
-- Disclosure Timeline: 2008-11-10 - Vulnerability reported to vendor 2009-06-08 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Anonymous
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
. (CVE-2009-1709)
Packages for 2008.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct this issue
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200901-0719",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "3.2.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "1.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "3.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "3.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "2.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "1.3.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "1.3.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "1.0"
},
{
"model": "safari",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "4.0_beta"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "0.9"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.3"
},
{
"model": "safari",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "0.8"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.7"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.7"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel optional productivity applications",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel optional productivity applications eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.3.z (server)"
},
{
"model": "safari",
"scope": null,
"trust": 0.7,
"vendor": "apple",
"version": null
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "0"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "enterprise linux optional productivity application server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "kdegraphics",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.5.4"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.3"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "safari beta for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.4"
},
{
"model": "safari beta for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.3"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.3"
},
{
"model": "safari beta for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.2"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.2"
},
{
"model": "safari beta for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.2.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.2.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.2.1"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "safari beta for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3"
},
{
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-09-034"
},
{
"db": "BID",
"id": "35334"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001759"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-193"
},
{
"db": "NVD",
"id": "CVE-2009-1709"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:0.8:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.3:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.4:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.3:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.4:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.3:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:-:mac:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0_beta",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:0.9:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:-:windows:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.3:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.4:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1709"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-09-034"
}
],
"trust": 0.7
},
"cve": "CVE-2009-1709",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2009-1709",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-39155",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-1709",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200906-193",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-39155",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-39155"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001759"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-193"
},
{
"db": "NVD",
"id": "CVE-2009-1709"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified \"caches.\". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.The specific flaw exists in the garbage collection of JavaScript set elements in WebCore. When an SVG set object is appended to an SVG marker element that is dereferenced, calls to the targetElement attribute will fail to reference count the marker element. When the set element is appended to another object, subsequent calls to the targetElement attribute will result in a heap corruption which can be leveraged to execute arbitrary code under the context of the current user. WebKit is prone to a remote code-execution vulnerability. Failed exploit attempts will result in a denial-of-service condition. \nNOTE: This issue was previously covered in BID 35260 (Apple Safari Prior to 4.0 Multiple Security Vulnerabilities), but has been assigned its own record to better document it. WebKit is an open source web browser engine currently used by browsers such as Safari and Chrome. ===========================================================\nUbuntu Security Notice USN-823-1 August 24, 2009\nkdegraphics vulnerabilities\nCVE-2009-0945, CVE-2009-1709\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 8.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 8.04 LTS:\n ksvg 4:3.5.10-0ubuntu1~hardy1.1\n\nAfter a standard system upgrade you need to restart your session to effect\nthe necessary changes. \n\nDetails follow:\n\nIt was discovered that KDE-Graphics did not properly handle certain\nmalformed SVG images. \n\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics_3.5.10-0ubuntu1~hardy1.1.diff.gz\n Size/MD5: 855597 2ce6d700dbb5c1ed0adfd4d1264713ea\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics_3.5.10-0ubuntu1~hardy1.1.dsc\n Size/MD5: 1523 3f59822daa292354c1a068b20e6d4d11\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics_3.5.10.orig.tar.gz\n Size/MD5: 9033567 a5df57c0533ba1978ba7f5c375f3b8e2\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kdegraphics-doc-html_3.5.10-0ubuntu1~hardy1.1_all.deb\n Size/MD5: 148228 8c48a5c6e73f61613275d4c322740761\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kdegraphics_3.5.10-0ubuntu1~hardy1.1_all.deb\n Size/MD5: 15676 9754496d16002d753df1faf142146983\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kamera_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 91118 abef1540cdffd100731aa22dd8c3b347\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-dbg_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 24851972 c6eab2f11115d68fd401092efd9ba0ec\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-dev_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 81740 e14c17a3bed21e88bcb41bbb471251ae\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 301554 23fa6907d9f6a78973c519f2c29eddeb\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kfaxview_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 99112 b26131b0a1db75624913df503413eb35\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kghostview_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 241582 d79b4abf45b1120153231888e9369b27\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kmrml_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 243856 4617f4efe70c3d2334dbf3815b26b080\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kooka_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 756496 fe6b36367b8160192d243f44c8d7959c\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kpdf_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 349032 951323e154abeb8ff0b1d5990a3356d9\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kpovmodeler_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 2341164 898b02269693c1dc9d4e85eacdb991fe\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/ksnapshot_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 174080 f880c10ee8abcc5971d4d71cfbd5a789\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/ksvg_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 1280720 6a2768a71394f74ed4fdd8b154014fb7\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kview_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 428970 ccc8c86963b89ac3f806ff0b915ac6b8\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kviewshell_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 846094 ecda53751ab05f59428df9db44d153b9\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/libkscan-dev_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 1844 7066cb7dd5bc5b52a4f8579e23b8c1fc\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/libkscan1_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 142682 04d14b576294367b82cf7f3dcbd0ca61\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kcoloredit_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 108744 4f59b8fbd87d2e2c2dd12f02dee15893\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kdvi_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 525376 f259112b9c05caa00de335b5fc2a4e35\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kfax_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 147818 42b1730925c9d53e51ede12887eb60da\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kgamma_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 77926 56d949ef7c22725ea10e798d09b570d8\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kiconedit_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 183782 6eaef2a0b5dfea5c277681eae394389f\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kolourpaint_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 1105220 4f71d3e5e84648b2f8fb662c7bdd8721\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kruler_3.5.10-0ubuntu1~hardy1.1_amd64.deb\n Size/MD5: 65914 c2a4c7ef659d47bcac41429c81e8035e\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kamera_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 85788 53be85a3920683eda23b432f57acd796\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-dbg_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 24304626 2b3be6612267da16ab97b35e89b9471b\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-dev_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 81748 7e9a1ca18216f45cb27d3b11d45f09bb\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 257800 95f21ec8cf903152c389d7a2e7cf48f6\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kfaxview_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 94336 768adaaa0d41b35b86045017f37cde7d\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kghostview_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 230324 b22891898ec973c4e86c4622b8e18f91\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kmrml_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 219756 517cfb5a18459f7f67df3f7bd0755a48\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kooka_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 740916 8a45e2620184dd7eacf8eafcfe4f660d\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kpdf_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 330956 68041c2a4e20586ac770877585b5d77e\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kpovmodeler_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 2204438 240cba9a4bcb16ba9237297e02614857\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/ksnapshot_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 170214 53c2b16e78f9e398158a7111d1ad11df\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/ksvg_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 1239112 53012b575051578597258b126dff3b49\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kview_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 387384 b56cb31d40f545c88100bfa030ae0ab9\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kviewshell_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 776140 d848385988e6b5bc513e4d12f4d7af82\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/libkscan-dev_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 1842 b20aa9d301448add14cb5c9c5457b979\n http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/libkscan1_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 130190 b26befcc538142491521783fc01aacef\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kcoloredit_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 100774 105aace69481c23b1a5b735324411da0\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kdvi_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 511044 fccefc6eeed48f4366be4940da3964fe\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kfax_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 143354 908f3178d759ecf90ff53131ec9d67a6\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kgamma_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 74352 bc89f12091e5a09fc267f540b5245c2f\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kiconedit_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 172366 25c5a1925b01d6ffd3ee9c02a17a8fc4\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kolourpaint_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 1064362 1851b039bac9321ca8f5e0e052e58b99\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kruler_3.5.10-0ubuntu1~hardy1.1_i386.deb\n Size/MD5: 64086 5c64a636e7acbcf6cd11162764950d3b\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kamera_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 86070 5dc2774b81dddd388cde34c5d4ca0ddb\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-dbg_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 24351384 15a94944aeb9304e179348be29381238\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-dev_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 81752 3030ff1d36cfe6ca7f861f8be8683e97\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 258026 fc8db1d46249b1fcee9bb847863bb835\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kfaxview_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 94502 420687d63f968021285df74ad432fdd6\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kghostview_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 228460 0df599c4953a42cb9af25095ecd73968\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kmrml_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 218950 c20e72957108373ec48c91b7fa8e8767\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kooka_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 742730 5803e967672c4f199be5e8a322ca6960\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kpdf_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 330260 0984f2faadeda3c0c81527a93ec25ef3\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kpovmodeler_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 2201702 17148aab651d8b05e4c93bf0f2d391c4\n http://ports.ubuntu.com/pool/main/k/kdegraphics/ksnapshot_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 169790 5ea61da51979d8f9924c7916cf780178\n http://ports.ubuntu.com/pool/main/k/kdegraphics/ksvg_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 1233850 48432d230e652ea2cde954cc45c9c28e\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kview_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 384086 207ba362f7e4239b55b2dac3046858a0\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kviewshell_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 776560 1d201d86fbeea107b2aad2cb2400fc37\n http://ports.ubuntu.com/pool/main/k/kdegraphics/libkscan-dev_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 1842 8df7be1bc072ba4ff273b03c5b19e819\n http://ports.ubuntu.com/pool/main/k/kdegraphics/libkscan1_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 129570 64052cec559b5767aade626217b8bcd7\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kcoloredit_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 101256 e3658bf00d56721d2da85ca3660a506b\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kdvi_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 513070 54020e97a43eede6b305de18200a2488\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kfax_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 144298 2034357eddd9a4cb52f8f54e5561ba63\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kgamma_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 74600 ed7e4c54a488bb79332d64a045accf98\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kiconedit_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 172846 d5a69b17755c86f324fec2246bccc87d\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kolourpaint_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 1064046 017762a5bebef4487f39a366d1cad312\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kruler_3.5.10-0ubuntu1~hardy1.1_lpia.deb\n Size/MD5: 63990 5c84f27036378f9af9433ac37cc974cf\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kamera_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 91948 e0bb55a2bdb1d154998fe9c7134aeef0\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-dbg_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 25632492 982599c525a707753babdba69be52942\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-dev_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 81758 dc2736841857f69cc382449c9e32393c\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 336510 d20fb086662c92a1a85c46e99f90969b\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kfaxview_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 102892 4f46136b41f2113c5fee391205d9d71c\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kghostview_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 240014 4958424bfb1e78f61cbe23dad1ad167d\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kmrml_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 247146 493a10260793626081a521296f7be5ee\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kooka_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 755698 c7bc281bfdab14b32f10599ef88b3c7c\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kpdf_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 350586 5cfa544547a2d3c9045d4cb35d302ae5\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kpovmodeler_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 2301042 ad7f27f34aafe49fe1c2997e3f75ea49\n http://ports.ubuntu.com/pool/main/k/kdegraphics/ksnapshot_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 176980 6c7197638796a81c6e6464e96b9c575d\n http://ports.ubuntu.com/pool/main/k/kdegraphics/ksvg_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 1335906 3cb7c32d633955d3dd5c8d78b9f8c93e\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kview_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 443116 a07748f9ebe7156f4513138395f17aa2\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kviewshell_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 831266 e95881ef6279a70b3ec7aa1fa10231ae\n http://ports.ubuntu.com/pool/main/k/kdegraphics/libkscan-dev_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 1844 99b1bf1059675540d7765898c26dbff3\n http://ports.ubuntu.com/pool/main/k/kdegraphics/libkscan1_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 137596 ecb9f47360d9a8518a3262fb7b3c8f78\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kcoloredit_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 111332 c3243de9d689a670cbc45f27c31c8524\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kdvi_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 529446 af7a701269708c45bfdb07de5594d901\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kfax_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 150738 7a016034d38ddde02edca41118c794bd\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kgamma_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 79102 a82657bbda43c62efc264f0bc208ee5a\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kiconedit_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 184020 457c16d19ed7410f817037fb58a1255b\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kolourpaint_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 1078896 962a7d823a4661745503cf7cad02c20d\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kruler_3.5.10-0ubuntu1~hardy1.1_powerpc.deb\n Size/MD5: 67866 3e4c53ef4cde081bf9f574f2519def1e\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kamera_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 83866 cbaa71c066561b83a323af6a590664d7\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-dbg_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 24348032 2754a596f5c685aa9219f7f56bee3b30\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-dev_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 81750 c0e36be365dff7b385690b8012501c26\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 260116 bf4ee3267d0a210a3d5fff19303b8f34\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kfaxview_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 92776 a7c707629eafd6fd431e6a650fbac5be\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kghostview_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 226558 3ac2a71cd980fdf5d900846a371f14ae\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kmrml_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 219676 d28df83337830bab08729b8f94fc033f\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kooka_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 742670 9179a1326aa6432e0e4e3759e208b4d1\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kpdf_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 331092 88a715409b9c1bc015420295eabc6ee1\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kpovmodeler_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 2258850 79f901432f73373a28b77479477246bd\n http://ports.ubuntu.com/pool/main/k/kdegraphics/ksnapshot_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 171042 773130f71a0952dad31b0c6c234c71da\n http://ports.ubuntu.com/pool/main/k/kdegraphics/ksvg_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 1299618 a91476637867effa378b7b9e9d69df8f\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kview_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 382468 cf37a8a67930633e4cc620943303f21d\n http://ports.ubuntu.com/pool/main/k/kdegraphics/kviewshell_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 783416 9b95823311c16e4d60fb33f964dc20c8\n http://ports.ubuntu.com/pool/main/k/kdegraphics/libkscan-dev_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 1844 e936526996a56fd4b75c15839b730d89\n http://ports.ubuntu.com/pool/main/k/kdegraphics/libkscan1_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 127684 eafaad98a0b1e37beb534d046bf44e78\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kcoloredit_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 100906 5a95d17f36487dd23a28a8a4fb7ae28b\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kdvi_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 516752 f47caeef90291df73353dda3ce0b161d\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kfax_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 144748 7765211ed85bf307ae9d9b6ab9351d7e\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kgamma_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 74212 1011fcfbb859742c76dc97fb73b5dc08\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kiconedit_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 173242 50ab9248cd7ff049fde225bc3104c1bb\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kolourpaint_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 1052678 e8cb038cb06e5f288f9ab8b500ea1b42\n http://ports.ubuntu.com/pool/universe/k/kdegraphics/kruler_3.5.10-0ubuntu1~hardy1.1_sparc.deb\n Size/MD5: 63748 c05e6e11a40ab7c7734611c6b2d26c17\n\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2009:331\n http://www.mandriva.com/security/\n _______________________________________________________________________\n\n Package : kdegraphics\n Date : December 10, 2009\n Affected: Corporate 4.0\n _______________________________________________________________________\n\n Problem Description:\n\n Multiple vulnerabilities has been found and corrected in kdegraphics:\n \n Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2\n and earlier allow remote attackers to cause a denial of service\n (crash) via a crafted PDF file, related to (1) setBitmap and (2)\n readSymbolDictSeg (CVE-2009-0146). \n \n Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and\n earlier allow remote attackers to cause a denial of service (crash)\n via a crafted PDF file (CVE-2009-0147). \n \n The JBIG2 decoder in Xpdf 3.02pl2 and earlier allows remote attackers\n to cause a denial of service (crash) via a crafted PDF file that\n triggers a free of uninitialized memory (CVE-2009-0166). NOTE: the\n JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-0791). (CVE-2009-1709). \n \n This update provides a solution to this vulnerability. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0791\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0945\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1709\n _______________________________________________________________________\n\n Updated Packages:\n\n Corporate 4.0:\n 0ec7bf7b568cd017c976b581046a4665 corporate/4.0/i586/kdegraphics-3.5.4-0.9.20060mlcs4.i586.rpm\n 32bf2180033208d0d7fb98a1670f76ef corporate/4.0/i586/kdegraphics-common-3.5.4-0.9.20060mlcs4.i586.rpm\n fc4d07f38b7c38a41924a87d1da87a7b corporate/4.0/i586/kdegraphics-kcolorchooser-3.5.4-0.9.20060mlcs4.i586.rpm\n 60ac7ec91991f24378608445602156b4 corporate/4.0/i586/kdegraphics-kcoloredit-3.5.4-0.9.20060mlcs4.i586.rpm\n e23a46f8928ff9bf43dfb85d030d66f4 corporate/4.0/i586/kdegraphics-kdvi-3.5.4-0.9.20060mlcs4.i586.rpm\n 0da4d8567fd0102fa3b71e14d7e77cce corporate/4.0/i586/kdegraphics-kfax-3.5.4-0.9.20060mlcs4.i586.rpm\n 71e5fc67191644df05dc3eeaf3eea182 corporate/4.0/i586/kdegraphics-kghostview-3.5.4-0.9.20060mlcs4.i586.rpm\n 5f712336e95e534ee5438bd6b601a6d5 corporate/4.0/i586/kdegraphics-kiconedit-3.5.4-0.9.20060mlcs4.i586.rpm\n b37b6097ac674ebc3296125ed1c33615 corporate/4.0/i586/kdegraphics-kolourpaint-3.5.4-0.9.20060mlcs4.i586.rpm\n d873b5de956fa6f936135a0046387bf1 corporate/4.0/i586/kdegraphics-kooka-3.5.4-0.9.20060mlcs4.i586.rpm\n 2474e300ccd833db71a756b34d9fec94 corporate/4.0/i586/kdegraphics-kpdf-3.5.4-0.9.20060mlcs4.i586.rpm\n 0454ff14fce7eda256890967555693bb corporate/4.0/i586/kdegraphics-kpovmodeler-3.5.4-0.9.20060mlcs4.i586.rpm\n bd79021aab7f406657774da069cc677d corporate/4.0/i586/kdegraphics-kruler-3.5.4-0.9.20060mlcs4.i586.rpm\n 5ab29c519209bc802613729896d84c63 corporate/4.0/i586/kdegraphics-ksnapshot-3.5.4-0.9.20060mlcs4.i586.rpm\n 771cf8aa682b615babcc8748cc09f4a9 corporate/4.0/i586/kdegraphics-ksvg-3.5.4-0.9.20060mlcs4.i586.rpm\n 1445a204c7aa0dae1eefab7b0d5f5839 corporate/4.0/i586/kdegraphics-kuickshow-3.5.4-0.9.20060mlcs4.i586.rpm\n fbd113f1442541e0cb05b624a2e08c74 corporate/4.0/i586/kdegraphics-kview-3.5.4-0.9.20060mlcs4.i586.rpm\n 94dec05663eb9499d974ba3d6b14e885 corporate/4.0/i586/kdegraphics-mrmlsearch-3.5.4-0.9.20060mlcs4.i586.rpm\n 86ca6e187a798897c25d5c9a66112b96 corporate/4.0/i586/libkdegraphics0-common-3.5.4-0.9.20060mlcs4.i586.rpm\n ed07099f0f6983c87188cd7cbe6fa4f5 corporate/4.0/i586/libkdegraphics0-common-devel-3.5.4-0.9.20060mlcs4.i586.rpm\n 978a543e6af07842a0facab486419848 corporate/4.0/i586/libkdegraphics0-kghostview-3.5.4-0.9.20060mlcs4.i586.rpm\n 9a7f4cf394eda5f91fe2d288bf6f6248 corporate/4.0/i586/libkdegraphics0-kghostview-devel-3.5.4-0.9.20060mlcs4.i586.rpm\n c47855bb4af164237de071eca478b852 corporate/4.0/i586/libkdegraphics0-kooka-3.5.4-0.9.20060mlcs4.i586.rpm\n 61361d801c9e0bfc677147a0ebed83cc corporate/4.0/i586/libkdegraphics0-kooka-devel-3.5.4-0.9.20060mlcs4.i586.rpm\n 78333238aa1949fbd32f4bbe17587819 corporate/4.0/i586/libkdegraphics0-kpovmodeler-3.5.4-0.9.20060mlcs4.i586.rpm\n cd42ba63d5df96750d5e0b65662a16c7 corporate/4.0/i586/libkdegraphics0-kpovmodeler-devel-3.5.4-0.9.20060mlcs4.i586.rpm\n 45077a5366e72fd55f7ddf819ce087f9 corporate/4.0/i586/libkdegraphics0-ksvg-3.5.4-0.9.20060mlcs4.i586.rpm\n efbe90c91e2762073332c0994bdf0349 corporate/4.0/i586/libkdegraphics0-ksvg-devel-3.5.4-0.9.20060mlcs4.i586.rpm\n 4acdcf255082a2bb7328a4ac805dbcaa corporate/4.0/i586/libkdegraphics0-kview-3.5.4-0.9.20060mlcs4.i586.rpm\n fddafb351cdd4da03e33f08d4af73622 corporate/4.0/i586/libkdegraphics0-kview-devel-3.5.4-0.9.20060mlcs4.i586.rpm \n 64deef0a4a406a04f476f5263478d2e3 corporate/4.0/SRPMS/kdegraphics-3.5.4-0.9.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 0fd67ad8a003f2cc7b4b5b0f295af59e corporate/4.0/x86_64/kdegraphics-3.5.4-0.9.20060mlcs4.x86_64.rpm\n 1e62299bf29230174331f43de7215366 corporate/4.0/x86_64/kdegraphics-common-3.5.4-0.9.20060mlcs4.x86_64.rpm\n a9c5b4e3f0db3db937261c8f504c44ca corporate/4.0/x86_64/kdegraphics-kcolorchooser-3.5.4-0.9.20060mlcs4.x86_64.rpm\n 0c0cfaf7fb1fe22bac1740425df135b2 corporate/4.0/x86_64/kdegraphics-kcoloredit-3.5.4-0.9.20060mlcs4.x86_64.rpm\n 9e961f83cdc9734007f9d5a90f4c888c corporate/4.0/x86_64/kdegraphics-kdvi-3.5.4-0.9.20060mlcs4.x86_64.rpm\n a7a5204dadd20443f879cc696906ed70 corporate/4.0/x86_64/kdegraphics-kfax-3.5.4-0.9.20060mlcs4.x86_64.rpm\n 1bfb78ecd8e44dc61c48dad786238bad corporate/4.0/x86_64/kdegraphics-kghostview-3.5.4-0.9.20060mlcs4.x86_64.rpm\n ddf5c19dbfcc64bb227173cb331dd661 corporate/4.0/x86_64/kdegraphics-kiconedit-3.5.4-0.9.20060mlcs4.x86_64.rpm\n 3b77da395b388a38a39805244ffb45dc corporate/4.0/x86_64/kdegraphics-kolourpaint-3.5.4-0.9.20060mlcs4.x86_64.rpm\n 52a4a93e2655edafc36d2e75c4adacb0 corporate/4.0/x86_64/kdegraphics-kooka-3.5.4-0.9.20060mlcs4.x86_64.rpm\n 6f4cdfee02441d22543b93252023490c corporate/4.0/x86_64/kdegraphics-kpdf-3.5.4-0.9.20060mlcs4.x86_64.rpm\n e7351156f775cda56b9a026d6d230b66 corporate/4.0/x86_64/kdegraphics-kpovmodeler-3.5.4-0.9.20060mlcs4.x86_64.rpm\n 54062812371d272f1f7115143d750d18 corporate/4.0/x86_64/kdegraphics-kruler-3.5.4-0.9.20060mlcs4.x86_64.rpm\n 7967101313636798c9e67d7d6d9f7e8e corporate/4.0/x86_64/kdegraphics-ksnapshot-3.5.4-0.9.20060mlcs4.x86_64.rpm\n db3dc6a00c46848ae9a31f8db2adb76b corporate/4.0/x86_64/kdegraphics-ksvg-3.5.4-0.9.20060mlcs4.x86_64.rpm\n 7bf017292f4ea7eb0007e30ee5f7ea06 corporate/4.0/x86_64/kdegraphics-kuickshow-3.5.4-0.9.20060mlcs4.x86_64.rpm\n ea3a9b102557f7b71e5988b11812fb9d corporate/4.0/x86_64/kdegraphics-kview-3.5.4-0.9.20060mlcs4.x86_64.rpm\n 49ce4f2918d3ca3a726f157db4e326ff corporate/4.0/x86_64/kdegraphics-mrmlsearch-3.5.4-0.9.20060mlcs4.x86_64.rpm\n 37962c005b21c9f034168193ac143686 corporate/4.0/x86_64/lib64kdegraphics0-common-3.5.4-0.9.20060mlcs4.x86_64.rpm\n 78bc99fdf48570c57b8d8e04578d0b0f corporate/4.0/x86_64/lib64kdegraphics0-common-devel-3.5.4-0.9.20060mlcs4.x86_64.rpm\n f2627650fccc5194666844f18ff6a2e9 corporate/4.0/x86_64/lib64kdegraphics0-kghostview-3.5.4-0.9.20060mlcs4.x86_64.rpm\n d6031ac8e48c554df0456a5c6ca25a6c corporate/4.0/x86_64/lib64kdegraphics0-kghostview-devel-3.5.4-0.9.20060mlcs4.x86_64.rpm\n e485c792b85edd25c29025900c71d9a5 corporate/4.0/x86_64/lib64kdegraphics0-kooka-3.5.4-0.9.20060mlcs4.x86_64.rpm\n c9d19e68cc7d9b1c17fce9f572c063d7 corporate/4.0/x86_64/lib64kdegraphics0-kooka-devel-3.5.4-0.9.20060mlcs4.x86_64.rpm\n c984a53011f393d7cbb6f2cc0774efa3 corporate/4.0/x86_64/lib64kdegraphics0-kpovmodeler-3.5.4-0.9.20060mlcs4.x86_64.rpm\n 8d1c6a2c8eaf161632f5a333bd1639d8 corporate/4.0/x86_64/lib64kdegraphics0-kpovmodeler-devel-3.5.4-0.9.20060mlcs4.x86_64.rpm\n 0f066ee3e189779638a4c5d7c6d08b78 corporate/4.0/x86_64/lib64kdegraphics0-ksvg-3.5.4-0.9.20060mlcs4.x86_64.rpm\n 7efa7c6905de7b624e95ea8ba16088d8 corporate/4.0/x86_64/lib64kdegraphics0-ksvg-devel-3.5.4-0.9.20060mlcs4.x86_64.rpm\n e407dc0360d9108ce56b58b0bbce8d7e corporate/4.0/x86_64/lib64kdegraphics0-kview-3.5.4-0.9.20060mlcs4.x86_64.rpm\n a1227e9c72b228994582c91678763e1e corporate/4.0/x86_64/lib64kdegraphics0-kview-devel-3.5.4-0.9.20060mlcs4.x86_64.rpm \n 64deef0a4a406a04f476f5263478d2e3 corporate/4.0/SRPMS/kdegraphics-3.5.4-0.9.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFLIQ2nmqjQ0CJFipgRAtveAKDD76Mn1SvVN71DMEESnFqN7Qk5+wCdGGMa\nH2tf9QJ8H8rPmPybWHl8Yxs=\n=DMWI\n-----END PGP SIGNATURE-----\n. ZDI-09-034: Apple Safari SVG Set.targetElement() Memory Corruption\nVulnerability\nhttp://www.zerodayinitiative.com/advisories/ZDI-09-034\nJune 8, 2009\n\n-- CVE ID:\nCVE-2009-1709\n\n-- Affected Vendors:\nApple\n\n-- Affected Products:\nApple Safari\n\n-- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability by Digital Vaccine protection filter ID 6569. \n\n-- Vendor Response:\nApple has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://support.apple.com/kb/HT3613\n\n-- Disclosure Timeline:\n2008-11-10 - Vulnerability reported to vendor\n2009-06-08 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Anonymous\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents\na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n. (CVE-2009-1709)\n \n Packages for 2008.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149\u0026products_id=490\n \n The updated packages have been patched to correct this issue",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1709"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001759"
},
{
"db": "ZDI",
"id": "ZDI-09-034"
},
{
"db": "BID",
"id": "35334"
},
{
"db": "VULHUB",
"id": "VHN-39155"
},
{
"db": "PACKETSTORM",
"id": "80577"
},
{
"db": "PACKETSTORM",
"id": "83707"
},
{
"db": "PACKETSTORM",
"id": "78173"
},
{
"db": "PACKETSTORM",
"id": "93863"
}
],
"trust": 2.97
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-39155",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-39155"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-1709",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-09-034",
"trust": 2.8
},
{
"db": "BID",
"id": "35334",
"trust": 2.8
},
{
"db": "VUPEN",
"id": "ADV-2009-1522",
"trust": 2.5
},
{
"db": "OSVDB",
"id": "55013",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "35379",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1022345",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "35576",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "36461",
"trust": 1.7
},
{
"db": "BID",
"id": "35260",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2011-0212",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43068",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001759",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-401",
"trust": 0.7
},
{
"db": "UBUNTU",
"id": "USN-823-1",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2009:1130",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2009-06-08-1",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200906-193",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "93863",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "78173",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-39155",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80577",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83707",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-09-034"
},
{
"db": "VULHUB",
"id": "VHN-39155"
},
{
"db": "BID",
"id": "35334"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001759"
},
{
"db": "PACKETSTORM",
"id": "80577"
},
{
"db": "PACKETSTORM",
"id": "83707"
},
{
"db": "PACKETSTORM",
"id": "78173"
},
{
"db": "PACKETSTORM",
"id": "93863"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-193"
},
{
"db": "NVD",
"id": "CVE-2009-1709"
}
]
},
"id": "VAR-200901-0719",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-39155"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:10:28.318000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT3613",
"trust": 1.5,
"url": "http://support.apple.com/kb/ht3613"
},
{
"title": "HT3613",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht3613?viewlocale=ja_jp"
},
{
"title": "RHSA-2009:1130",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2009-1130.html"
},
{
"title": "RHSA-2009:1130",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/rhsa/rhsa-2009-1130j.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-09-034"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001759"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-39155"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001759"
},
{
"db": "NVD",
"id": "CVE-2009-1709"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://support.apple.com/kb/ht3613"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/35334"
},
{
"trust": 2.5,
"url": "http://osvdb.org/55013"
},
{
"trust": 2.5,
"url": "http://securitytracker.com/id?1022345"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/35379"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"trust": 2.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-09-034/"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/35260"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2009-1130.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/35576"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/36461"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:182"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10162"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43068"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/823-1/"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0212"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1709"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1709"
},
{
"trust": 0.6,
"url": "http://www.ubuntulinux.org/support/documentation/usn/usn-823-1"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1709"
},
{
"trust": 0.3,
"url": "http://www.apple.com/safari/"
},
{
"trust": 0.3,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0255.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0945"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-dev_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kiconedit_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kolourpaint_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kghostview_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kolourpaint_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-dev_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/libkscan-dev_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kfax_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-dbg_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kooka_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-dev_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kamera_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kfax_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kviewshell_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kdvi_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kfaxview_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kamera_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/libkscan1_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/ksnapshot_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kruler_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kgamma_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kpdf_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kfax_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/ksnapshot_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kdvi_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kview_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kcoloredit_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/libkscan1_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kdvi_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/ksvg_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kooka_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kcoloredit_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kruler_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/ksnapshot_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics_3.5.10-0ubuntu1~hardy1.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kiconedit_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kviewshell_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kmrml_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kolourpaint_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kfax_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/libkscan1_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kamera_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kfax_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/libkscan-dev_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kview_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kiconedit_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kviewshell_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kgamma_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-dbg_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kdegraphics-doc-html_3.5.10-0ubuntu1~hardy1.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kghostview_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kghostview_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kpdf_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kghostview_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kiconedit_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kamera_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kooka_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/libkscan-dev_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kolourpaint_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics_3.5.10-0ubuntu1~hardy1.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kpovmodeler_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kmrml_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kdvi_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics_3.5.10.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kcoloredit_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kmrml_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kfaxview_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/ksnapshot_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kolourpaint_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kcoloredit_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/libkscan1_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kruler_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/ksvg_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kpovmodeler_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/ksvg_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/ksvg_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kview_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kviewshell_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/libkscan-dev_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kview_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kmrml_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kfaxview_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kpdf_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kiconedit_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/ksvg_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kgamma_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-dev_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kooka_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kruler_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kghostview_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kruler_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kmrml_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kpovmodeler_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kooka_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kview_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kfaxview_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-dbg_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kcoloredit_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kviewshell_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kpdf_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kpovmodeler_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/k/kdegraphics/kgamma_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kpdf_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-dbg_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/libkscan1_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-dev_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kdegraphics_3.5.10-0ubuntu1~hardy1.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kdvi_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kamera_3.5.10-0ubuntu1~hardy1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kdegraphics-dbg_3.5.10-0ubuntu1~hardy1.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kfaxview_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdegraphics/kgamma_3.5.10-0ubuntu1~hardy1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/ksnapshot_3.5.10-0ubuntu1~hardy1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/libkscan-dev_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/kdegraphics/kpovmodeler_3.5.10-0ubuntu1~hardy1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0791"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0147"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0166"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0791"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0146"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0146"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0945"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0166"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-09-034"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://store.mandriva.com/product_info.php?cpath=149\u0026products_id=490"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-09-034"
},
{
"db": "VULHUB",
"id": "VHN-39155"
},
{
"db": "BID",
"id": "35334"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001759"
},
{
"db": "PACKETSTORM",
"id": "80577"
},
{
"db": "PACKETSTORM",
"id": "83707"
},
{
"db": "PACKETSTORM",
"id": "78173"
},
{
"db": "PACKETSTORM",
"id": "93863"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-193"
},
{
"db": "NVD",
"id": "CVE-2009-1709"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-09-034"
},
{
"db": "VULHUB",
"id": "VHN-39155"
},
{
"db": "BID",
"id": "35334"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001759"
},
{
"db": "PACKETSTORM",
"id": "80577"
},
{
"db": "PACKETSTORM",
"id": "83707"
},
{
"db": "PACKETSTORM",
"id": "78173"
},
{
"db": "PACKETSTORM",
"id": "93863"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-193"
},
{
"db": "NVD",
"id": "CVE-2009-1709"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-06-08T00:00:00",
"db": "ZDI",
"id": "ZDI-09-034"
},
{
"date": "2009-06-10T00:00:00",
"db": "VULHUB",
"id": "VHN-39155"
},
{
"date": "2009-06-08T00:00:00",
"db": "BID",
"id": "35334"
},
{
"date": "2009-07-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001759"
},
{
"date": "2009-08-25T02:40:16",
"db": "PACKETSTORM",
"id": "80577"
},
{
"date": "2009-12-11T00:57:14",
"db": "PACKETSTORM",
"id": "83707"
},
{
"date": "2009-06-09T18:52:18",
"db": "PACKETSTORM",
"id": "78173"
},
{
"date": "2010-09-15T02:56:57",
"db": "PACKETSTORM",
"id": "93863"
},
{
"date": "2009-01-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200906-193"
},
{
"date": "2009-06-10T18:00:00.733000",
"db": "NVD",
"id": "CVE-2009-1709"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-06-08T00:00:00",
"db": "ZDI",
"id": "ZDI-09-034"
},
{
"date": "2018-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-39155"
},
{
"date": "2010-09-14T19:21:00",
"db": "BID",
"id": "35334"
},
{
"date": "2009-07-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001759"
},
{
"date": "2009-06-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200906-193"
},
{
"date": "2018-10-03T22:00:30.780000",
"db": "NVD",
"id": "CVE-2009-1709"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "78173"
},
{
"db": "PACKETSTORM",
"id": "93863"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-193"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Safari of WebKit Vulnerable to arbitrary code execution related to garbage collection implementation",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001759"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200906-193"
}
],
"trust": 0.6
}
}
gsd-2009-1709
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches."
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2009-1709",
"description": "Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified \"caches.\"",
"id": "GSD-2009-1709",
"references": [
"https://www.suse.com/security/cve/CVE-2009-1709.html",
"https://www.debian.org/security/2009/dsa-1866",
"https://access.redhat.com/errata/RHSA-2009:1130"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2009-1709"
],
"details": "Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified \"caches.\"",
"id": "GSD-2009-1709",
"modified": "2023-12-13T01:19:48.115891Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1709",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified \"caches.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-09-034/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-034/"
},
{
"name": "43068",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43068"
},
{
"name": "ADV-2011-0212",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0212"
},
{
"name": "APPLE-SA-2009-06-08-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"name": "35260",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35260"
},
{
"name": "oval:org.mitre.oval:def:10162",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162"
},
{
"name": "RHSA-2009:1130",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1130.html"
},
{
"name": "35576",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35576"
},
{
"name": "ADV-2009-1522",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"name": "1022345",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022345"
},
{
"name": "35334",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35334"
},
{
"name": "55013",
"refsource": "OSVDB",
"url": "http://osvdb.org/55013"
},
{
"name": "36461",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36461"
},
{
"name": "USN-823-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/823-1/"
},
{
"name": "SUSE-SR:2011:002",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"name": "35379",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35379"
},
{
"name": "http://support.apple.com/kb/HT3613",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3613"
},
{
"name": "MDVSA-2010:182",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:182"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:0.8:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.3:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.4:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.3:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.4:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.3:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:-:mac:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0_beta",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.1:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.2:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:0.9:-:mac:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.2:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:-:windows:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.3:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.4:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.1:-:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1709"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified \"caches.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35379",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35379"
},
{
"name": "1022345",
"refsource": "SECTRACK",
"tags": [],
"url": "http://securitytracker.com/id?1022345"
},
{
"name": "35260",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/35260"
},
{
"name": "ADV-2009-1522",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"name": "APPLE-SA-2009-06-08-1",
"refsource": "APPLE",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"name": "http://support.apple.com/kb/HT3613",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT3613"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-09-034/",
"refsource": "MISC",
"tags": [],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-034/"
},
{
"name": "55013",
"refsource": "OSVDB",
"tags": [],
"url": "http://osvdb.org/55013"
},
{
"name": "35334",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/35334"
},
{
"name": "RHSA-2009:1130",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1130.html"
},
{
"name": "35576",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/35576"
},
{
"name": "36461",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/36461"
},
{
"name": "MDVSA-2010:182",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:182"
},
{
"name": "SUSE-SR:2011:002",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"name": "43068",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/43068"
},
{
"name": "ADV-2011-0212",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2011/0212"
},
{
"name": "oval:org.mitre.oval:def:10162",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162"
},
{
"name": "USN-823-1",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/823-1/"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": true
}
},
"lastModifiedDate": "2018-10-03T22:00Z",
"publishedDate": "2009-06-10T18:00Z"
}
}
}
rhsa-2009_1130
Vulnerability from csaf_redhat
Published
2009-06-25 16:19
Modified
2024-11-22 02:52
Summary
Red Hat Security Advisory: kdegraphics security update
Notes
Topic
Updated kdegraphics packages that fix two security issues are now available
for Red Hat Enterprise Linux 5.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
The kdegraphics packages contain applications for the K Desktop Environment
(KDE). Scalable Vector Graphics (SVG) is an XML-based language to describe
vector images. KSVG is a framework aimed at implementing the latest W3C SVG
specifications.
A use-after-free flaw was found in the KDE KSVG animation element
implementation. A remote attacker could create a specially-crafted SVG
image, which once opened by an unsuspecting user, could cause a denial of
service (Konqueror crash) or, potentially, execute arbitrary code with the
privileges of the user running Konqueror. (CVE-2009-1709)
A NULL pointer dereference flaw was found in the KDE, KSVG SVGList
interface implementation. A remote attacker could create a
specially-crafted SVG image, which once opened by an unsuspecting user,
would cause memory corruption, leading to a denial of service (Konqueror
crash). (CVE-2009-0945)
All users of kdegraphics should upgrade to these updated packages, which
contain backported patches to correct these issues. The desktop must be
restarted (log out, then log back in) for this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated kdegraphics packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The kdegraphics packages contain applications for the K Desktop Environment\n(KDE). Scalable Vector Graphics (SVG) is an XML-based language to describe\nvector images. KSVG is a framework aimed at implementing the latest W3C SVG\nspecifications.\n\nA use-after-free flaw was found in the KDE KSVG animation element\nimplementation. A remote attacker could create a specially-crafted SVG\nimage, which once opened by an unsuspecting user, could cause a denial of\nservice (Konqueror crash) or, potentially, execute arbitrary code with the\nprivileges of the user running Konqueror. (CVE-2009-1709)\n\nA NULL pointer dereference flaw was found in the KDE, KSVG SVGList\ninterface implementation. A remote attacker could create a\nspecially-crafted SVG image, which once opened by an unsuspecting user,\nwould cause memory corruption, leading to a denial of service (Konqueror\ncrash). (CVE-2009-0945)\n\nAll users of kdegraphics should upgrade to these updated packages, which\ncontain backported patches to correct these issues. The desktop must be\nrestarted (log out, then log back in) for this update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:1130",
"url": "https://access.redhat.com/errata/RHSA-2009:1130"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "506246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=506246"
},
{
"category": "external",
"summary": "506703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=506703"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1130.json"
}
],
"title": "Red Hat Security Advisory: kdegraphics security update",
"tracking": {
"current_release_date": "2024-11-22T02:52:03+00:00",
"generator": {
"date": "2024-11-22T02:52:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2009:1130",
"initial_release_date": "2009-06-25T16:19:00+00:00",
"revision_history": [
{
"date": "2009-06-25T16:19:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-06-25T12:19:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T02:52:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_productivity:5"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"product": {
"name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"product_id": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kdegraphics-debuginfo@3.5.4-13.el5_3?arch=x86_64\u0026epoch=7"
}
}
},
{
"category": "product_version",
"name": "kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
"product": {
"name": "kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
"product_id": "kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kdegraphics-devel@3.5.4-13.el5_3?arch=x86_64\u0026epoch=7"
}
}
},
{
"category": "product_version",
"name": "kdegraphics-7:3.5.4-13.el5_3.x86_64",
"product": {
"name": "kdegraphics-7:3.5.4-13.el5_3.x86_64",
"product_id": "kdegraphics-7:3.5.4-13.el5_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kdegraphics@3.5.4-13.el5_3?arch=x86_64\u0026epoch=7"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"product": {
"name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"product_id": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kdegraphics-debuginfo@3.5.4-13.el5_3?arch=i386\u0026epoch=7"
}
}
},
{
"category": "product_version",
"name": "kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"product": {
"name": "kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"product_id": "kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kdegraphics-devel@3.5.4-13.el5_3?arch=i386\u0026epoch=7"
}
}
},
{
"category": "product_version",
"name": "kdegraphics-7:3.5.4-13.el5_3.i386",
"product": {
"name": "kdegraphics-7:3.5.4-13.el5_3.i386",
"product_id": "kdegraphics-7:3.5.4-13.el5_3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kdegraphics@3.5.4-13.el5_3?arch=i386\u0026epoch=7"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "kdegraphics-7:3.5.4-13.el5_3.src",
"product": {
"name": "kdegraphics-7:3.5.4-13.el5_3.src",
"product_id": "kdegraphics-7:3.5.4-13.el5_3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kdegraphics@3.5.4-13.el5_3?arch=src\u0026epoch=7"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-7:3.5.4-13.el5_3.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.i386"
},
"product_reference": "kdegraphics-7:3.5.4-13.el5_3.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-7:3.5.4-13.el5_3.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.src"
},
"product_reference": "kdegraphics-7:3.5.4-13.el5_3.src",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-7:3.5.4-13.el5_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.x86_64"
},
"product_reference": "kdegraphics-7:3.5.4-13.el5_3.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386"
},
"product_reference": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64"
},
"product_reference": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-devel-7:3.5.4-13.el5_3.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.i386"
},
"product_reference": "kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-devel-7:3.5.4-13.el5_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64"
},
"product_reference": "kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-7:3.5.4-13.el5_3.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:kdegraphics-7:3.5.4-13.el5_3.i386"
},
"product_reference": "kdegraphics-7:3.5.4-13.el5_3.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-7:3.5.4-13.el5_3.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:kdegraphics-7:3.5.4-13.el5_3.src"
},
"product_reference": "kdegraphics-7:3.5.4-13.el5_3.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-7:3.5.4-13.el5_3.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:kdegraphics-7:3.5.4-13.el5_3.x86_64"
},
"product_reference": "kdegraphics-7:3.5.4-13.el5_3.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386"
},
"product_reference": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64"
},
"product_reference": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-devel-7:3.5.4-13.el5_3.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:kdegraphics-devel-7:3.5.4-13.el5_3.i386"
},
"product_reference": "kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-devel-7:3.5.4-13.el5_3.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64"
},
"product_reference": "kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-7:3.5.4-13.el5_3.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.i386"
},
"product_reference": "kdegraphics-7:3.5.4-13.el5_3.i386",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-7:3.5.4-13.el5_3.src as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.src"
},
"product_reference": "kdegraphics-7:3.5.4-13.el5_3.src",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-7:3.5.4-13.el5_3.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.x86_64"
},
"product_reference": "kdegraphics-7:3.5.4-13.el5_3.x86_64",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386"
},
"product_reference": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64"
},
"product_reference": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-devel-7:3.5.4-13.el5_3.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.i386"
},
"product_reference": "kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kdegraphics-devel-7:3.5.4-13.el5_3.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64"
},
"product_reference": "kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
"relates_to_product_reference": "5Server-DPAS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-0945",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2009-05-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "506703"
}
],
"notes": [
{
"category": "description",
"text": "Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kdegraphics: KSVG NULL-pointer dereference in the SVGList interface implementation (ACE)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.i386",
"5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.src",
"5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.x86_64",
"5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
"5Client:kdegraphics-7:3.5.4-13.el5_3.i386",
"5Client:kdegraphics-7:3.5.4-13.el5_3.src",
"5Client:kdegraphics-7:3.5.4-13.el5_3.x86_64",
"5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"5Client:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"5Client:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
"5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.i386",
"5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.src",
"5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.x86_64",
"5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0945"
},
{
"category": "external",
"summary": "RHBZ#506703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=506703"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0945",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0945"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0945",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0945"
}
],
"release_date": "2009-06-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-06-25T16:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.i386",
"5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.src",
"5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.x86_64",
"5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
"5Client:kdegraphics-7:3.5.4-13.el5_3.i386",
"5Client:kdegraphics-7:3.5.4-13.el5_3.src",
"5Client:kdegraphics-7:3.5.4-13.el5_3.x86_64",
"5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"5Client:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"5Client:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
"5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.i386",
"5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.src",
"5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.x86_64",
"5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1130"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.i386",
"5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.src",
"5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.x86_64",
"5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
"5Client:kdegraphics-7:3.5.4-13.el5_3.i386",
"5Client:kdegraphics-7:3.5.4-13.el5_3.src",
"5Client:kdegraphics-7:3.5.4-13.el5_3.x86_64",
"5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"5Client:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"5Client:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
"5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.i386",
"5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.src",
"5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.x86_64",
"5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "kdegraphics: KSVG NULL-pointer dereference in the SVGList interface implementation (ACE)"
},
{
"cve": "CVE-2009-1709",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2009-06-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "506246"
}
],
"notes": [
{
"category": "description",
"text": "Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified \"caches.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kdegraphics: KSVG Pointer use-after-free error in the SVG animation element (DoS, ACE)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.i386",
"5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.src",
"5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.x86_64",
"5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
"5Client:kdegraphics-7:3.5.4-13.el5_3.i386",
"5Client:kdegraphics-7:3.5.4-13.el5_3.src",
"5Client:kdegraphics-7:3.5.4-13.el5_3.x86_64",
"5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"5Client:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"5Client:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
"5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.i386",
"5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.src",
"5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.x86_64",
"5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-1709"
},
{
"category": "external",
"summary": "RHBZ#506246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=506246"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-1709",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1709"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1709",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1709"
}
],
"release_date": "2009-06-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-06-25T16:19:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.i386",
"5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.src",
"5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.x86_64",
"5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
"5Client:kdegraphics-7:3.5.4-13.el5_3.i386",
"5Client:kdegraphics-7:3.5.4-13.el5_3.src",
"5Client:kdegraphics-7:3.5.4-13.el5_3.x86_64",
"5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"5Client:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"5Client:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
"5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.i386",
"5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.src",
"5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.x86_64",
"5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1130"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.i386",
"5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.src",
"5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.x86_64",
"5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
"5Client:kdegraphics-7:3.5.4-13.el5_3.i386",
"5Client:kdegraphics-7:3.5.4-13.el5_3.src",
"5Client:kdegraphics-7:3.5.4-13.el5_3.x86_64",
"5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"5Client:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"5Client:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
"5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.i386",
"5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.src",
"5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.x86_64",
"5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
"5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
"5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
"5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "kdegraphics: KSVG Pointer use-after-free error in the SVG animation element (DoS, ACE)"
}
]
}
ghsa-grpq-h627-xvm6
Vulnerability from github
Published
2022-05-02 03:27
Modified
2022-05-02 03:27
Details
Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches."
{
"affected": [],
"aliases": [
"CVE-2009-1709"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2009-06-10T18:00:00Z",
"severity": "HIGH"
},
"details": "Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified \"caches.\"",
"id": "GHSA-grpq-h627-xvm6",
"modified": "2022-05-02T03:27:48Z",
"published": "2022-05-02T03:27:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1709"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/823-1"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"type": "WEB",
"url": "http://osvdb.org/55013"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/35379"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/35576"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/36461"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/43068"
},
{
"type": "WEB",
"url": "http://securitytracker.com/id?1022345"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT3613"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:182"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1130.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/35260"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/35334"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2011/0212"
},
{
"type": "WEB",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-034"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.