csaf_redhat - rhsa-2009

rhsa-2009_1130

Vulnerability from csaf_redhat

Published

2009-06-25 16:19

Modified

2024-11-22 02:52

Summary

Red Hat Security Advisory: kdegraphics security update

Notes

Topic

Updated kdegraphics packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team.

Details

The kdegraphics packages contain applications for the K Desktop Environment (KDE). Scalable Vector Graphics (SVG) is an XML-based language to describe vector images. KSVG is a framework aimed at implementing the latest W3C SVG specifications. A use-after-free flaw was found in the KDE KSVG animation element implementation. A remote attacker could create a specially-crafted SVG image, which once opened by an unsuspecting user, could cause a denial of service (Konqueror crash) or, potentially, execute arbitrary code with the privileges of the user running Konqueror. (CVE-2009-1709) A NULL pointer dereference flaw was found in the KDE, KSVG SVGList interface implementation. A remote attacker could create a specially-crafted SVG image, which once opened by an unsuspecting user, would cause memory corruption, leading to a denial of service (Konqueror crash). (CVE-2009-0945) All users of kdegraphics should upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated kdegraphics packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The kdegraphics packages contain applications for the K Desktop Environment\n(KDE). Scalable Vector Graphics (SVG) is an XML-based language to describe\nvector images. KSVG is a framework aimed at implementing the latest W3C SVG\nspecifications.\n\nA use-after-free flaw was found in the KDE KSVG animation element\nimplementation. A remote attacker could create a specially-crafted SVG\nimage, which once opened by an unsuspecting user, could cause a denial of\nservice (Konqueror crash) or, potentially, execute arbitrary code with the\nprivileges of the user running Konqueror. (CVE-2009-1709)\n\nA NULL pointer dereference flaw was found in the KDE, KSVG SVGList\ninterface implementation. A remote attacker could create a\nspecially-crafted SVG image, which once opened by an unsuspecting user,\nwould cause memory corruption, leading to a denial of service (Konqueror\ncrash). (CVE-2009-0945)\n\nAll users of kdegraphics should upgrade to these updated packages, which\ncontain backported patches to correct these issues. The desktop must be\nrestarted (log out, then log back in) for this update to take effect.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2009:1130",
        "url": "https://access.redhat.com/errata/RHSA-2009:1130"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#critical",
        "url": "https://access.redhat.com/security/updates/classification/#critical"
      },
      {
        "category": "external",
        "summary": "506246",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=506246"
      },
      {
        "category": "external",
        "summary": "506703",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=506703"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1130.json"
      }
    ],
    "title": "Red Hat Security Advisory: kdegraphics security update",
    "tracking": {
      "current_release_date": "2024-11-22T02:52:03+00:00",
      "generator": {
        "date": "2024-11-22T02:52:03+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2009:1130",
      "initial_release_date": "2009-06-25T16:19:00+00:00",
      "revision_history": [
        {
          "date": "2009-06-25T16:19:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2009-06-25T12:19:13+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T02:52:03+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
                "product": {
                  "name": "Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
                  "product_id": "5Server-DPAS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_productivity:5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                  "product_id": "5Client",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
                  "product_id": "5Client-Workstation",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
                "product": {
                  "name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
                  "product_id": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kdegraphics-debuginfo@3.5.4-13.el5_3?arch=x86_64\u0026epoch=7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
                "product": {
                  "name": "kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
                  "product_id": "kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kdegraphics-devel@3.5.4-13.el5_3?arch=x86_64\u0026epoch=7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kdegraphics-7:3.5.4-13.el5_3.x86_64",
                "product": {
                  "name": "kdegraphics-7:3.5.4-13.el5_3.x86_64",
                  "product_id": "kdegraphics-7:3.5.4-13.el5_3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kdegraphics@3.5.4-13.el5_3?arch=x86_64\u0026epoch=7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
                "product": {
                  "name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
                  "product_id": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kdegraphics-debuginfo@3.5.4-13.el5_3?arch=i386\u0026epoch=7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kdegraphics-devel-7:3.5.4-13.el5_3.i386",
                "product": {
                  "name": "kdegraphics-devel-7:3.5.4-13.el5_3.i386",
                  "product_id": "kdegraphics-devel-7:3.5.4-13.el5_3.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kdegraphics-devel@3.5.4-13.el5_3?arch=i386\u0026epoch=7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kdegraphics-7:3.5.4-13.el5_3.i386",
                "product": {
                  "name": "kdegraphics-7:3.5.4-13.el5_3.i386",
                  "product_id": "kdegraphics-7:3.5.4-13.el5_3.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kdegraphics@3.5.4-13.el5_3?arch=i386\u0026epoch=7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kdegraphics-7:3.5.4-13.el5_3.src",
                "product": {
                  "name": "kdegraphics-7:3.5.4-13.el5_3.src",
                  "product_id": "kdegraphics-7:3.5.4-13.el5_3.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kdegraphics@3.5.4-13.el5_3?arch=src\u0026epoch=7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-7:3.5.4-13.el5_3.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.i386"
        },
        "product_reference": "kdegraphics-7:3.5.4-13.el5_3.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-7:3.5.4-13.el5_3.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.src"
        },
        "product_reference": "kdegraphics-7:3.5.4-13.el5_3.src",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-7:3.5.4-13.el5_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.x86_64"
        },
        "product_reference": "kdegraphics-7:3.5.4-13.el5_3.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386"
        },
        "product_reference": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64"
        },
        "product_reference": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-devel-7:3.5.4-13.el5_3.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.i386"
        },
        "product_reference": "kdegraphics-devel-7:3.5.4-13.el5_3.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-devel-7:3.5.4-13.el5_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64"
        },
        "product_reference": "kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-7:3.5.4-13.el5_3.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:kdegraphics-7:3.5.4-13.el5_3.i386"
        },
        "product_reference": "kdegraphics-7:3.5.4-13.el5_3.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-7:3.5.4-13.el5_3.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:kdegraphics-7:3.5.4-13.el5_3.src"
        },
        "product_reference": "kdegraphics-7:3.5.4-13.el5_3.src",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-7:3.5.4-13.el5_3.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:kdegraphics-7:3.5.4-13.el5_3.x86_64"
        },
        "product_reference": "kdegraphics-7:3.5.4-13.el5_3.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386"
        },
        "product_reference": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64"
        },
        "product_reference": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-devel-7:3.5.4-13.el5_3.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:kdegraphics-devel-7:3.5.4-13.el5_3.i386"
        },
        "product_reference": "kdegraphics-devel-7:3.5.4-13.el5_3.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-devel-7:3.5.4-13.el5_3.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64"
        },
        "product_reference": "kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-7:3.5.4-13.el5_3.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.i386"
        },
        "product_reference": "kdegraphics-7:3.5.4-13.el5_3.i386",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-7:3.5.4-13.el5_3.src as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.src"
        },
        "product_reference": "kdegraphics-7:3.5.4-13.el5_3.src",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-7:3.5.4-13.el5_3.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.x86_64"
        },
        "product_reference": "kdegraphics-7:3.5.4-13.el5_3.x86_64",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386"
        },
        "product_reference": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64"
        },
        "product_reference": "kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-devel-7:3.5.4-13.el5_3.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.i386"
        },
        "product_reference": "kdegraphics-devel-7:3.5.4-13.el5_3.i386",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kdegraphics-devel-7:3.5.4-13.el5_3.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64"
        },
        "product_reference": "kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
        "relates_to_product_reference": "5Server-DPAS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2009-0945",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2009-05-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "506703"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kdegraphics: KSVG NULL-pointer dereference in the SVGList interface implementation (ACE)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.i386",
          "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.src",
          "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.x86_64",
          "5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
          "5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
          "5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
          "5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
          "5Client:kdegraphics-7:3.5.4-13.el5_3.i386",
          "5Client:kdegraphics-7:3.5.4-13.el5_3.src",
          "5Client:kdegraphics-7:3.5.4-13.el5_3.x86_64",
          "5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
          "5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
          "5Client:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
          "5Client:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
          "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.i386",
          "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.src",
          "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.x86_64",
          "5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
          "5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
          "5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
          "5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-0945"
        },
        {
          "category": "external",
          "summary": "RHBZ#506703",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=506703"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0945",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-0945"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0945",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0945"
        }
      ],
      "release_date": "2009-06-25T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2009-06-25T16:19:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.i386",
            "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.src",
            "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.x86_64",
            "5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
            "5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
            "5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
            "5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
            "5Client:kdegraphics-7:3.5.4-13.el5_3.i386",
            "5Client:kdegraphics-7:3.5.4-13.el5_3.src",
            "5Client:kdegraphics-7:3.5.4-13.el5_3.x86_64",
            "5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
            "5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
            "5Client:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
            "5Client:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
            "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.i386",
            "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.src",
            "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.x86_64",
            "5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
            "5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
            "5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
            "5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2009:1130"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.i386",
            "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.src",
            "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.x86_64",
            "5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
            "5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
            "5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
            "5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
            "5Client:kdegraphics-7:3.5.4-13.el5_3.i386",
            "5Client:kdegraphics-7:3.5.4-13.el5_3.src",
            "5Client:kdegraphics-7:3.5.4-13.el5_3.x86_64",
            "5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
            "5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
            "5Client:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
            "5Client:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
            "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.i386",
            "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.src",
            "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.x86_64",
            "5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
            "5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
            "5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
            "5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "kdegraphics: KSVG NULL-pointer dereference in the SVGList interface implementation (ACE)"
    },
    {
      "cve": "CVE-2009-1709",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2009-06-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "506246"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified \"caches.\"",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kdegraphics: KSVG Pointer use-after-free error in the SVG animation element (DoS, ACE)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.i386",
          "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.src",
          "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.x86_64",
          "5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
          "5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
          "5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
          "5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
          "5Client:kdegraphics-7:3.5.4-13.el5_3.i386",
          "5Client:kdegraphics-7:3.5.4-13.el5_3.src",
          "5Client:kdegraphics-7:3.5.4-13.el5_3.x86_64",
          "5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
          "5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
          "5Client:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
          "5Client:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
          "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.i386",
          "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.src",
          "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.x86_64",
          "5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
          "5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
          "5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
          "5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-1709"
        },
        {
          "category": "external",
          "summary": "RHBZ#506246",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=506246"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1709",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-1709"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1709",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1709"
        }
      ],
      "release_date": "2009-06-25T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2009-06-25T16:19:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.i386",
            "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.src",
            "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.x86_64",
            "5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
            "5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
            "5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
            "5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
            "5Client:kdegraphics-7:3.5.4-13.el5_3.i386",
            "5Client:kdegraphics-7:3.5.4-13.el5_3.src",
            "5Client:kdegraphics-7:3.5.4-13.el5_3.x86_64",
            "5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
            "5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
            "5Client:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
            "5Client:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
            "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.i386",
            "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.src",
            "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.x86_64",
            "5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
            "5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
            "5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
            "5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2009:1130"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.i386",
            "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.src",
            "5Client-Workstation:kdegraphics-7:3.5.4-13.el5_3.x86_64",
            "5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
            "5Client-Workstation:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
            "5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
            "5Client-Workstation:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
            "5Client:kdegraphics-7:3.5.4-13.el5_3.i386",
            "5Client:kdegraphics-7:3.5.4-13.el5_3.src",
            "5Client:kdegraphics-7:3.5.4-13.el5_3.x86_64",
            "5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
            "5Client:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
            "5Client:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
            "5Client:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64",
            "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.i386",
            "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.src",
            "5Server-DPAS:kdegraphics-7:3.5.4-13.el5_3.x86_64",
            "5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.i386",
            "5Server-DPAS:kdegraphics-debuginfo-7:3.5.4-13.el5_3.x86_64",
            "5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.i386",
            "5Server-DPAS:kdegraphics-devel-7:3.5.4-13.el5_3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "kdegraphics: KSVG Pointer use-after-free error in the SVG animation element (DoS, ACE)"
    }
  ]
}

cve-2009-1709

Vulnerability from cvelistv5

Published

2009-06-10 17:37

Modified

2024-08-07 05:20

Severity ?

Summary

Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches."

References

▼	URL	Tags
	http://www.zerodayinitiative.com/advisories/ZDI-09-034/	x_refsource_MISC
	http://secunia.com/advisories/43068	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2011/0212	vdb-entry, x_refsource_VUPEN
	http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html	vendor-advisory, x_refsource_APPLE
	http://www.securityfocus.com/bid/35260	vdb-entry, x_refsource_BID
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162	vdb-entry, signature, x_refsource_OVAL
	http://www.redhat.com/support/errata/RHSA-2009-1130.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/35576	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2009/1522	vdb-entry, x_refsource_VUPEN
	http://securitytracker.com/id?1022345	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/35334	vdb-entry, x_refsource_BID
	http://osvdb.org/55013	vdb-entry, x_refsource_OSVDB
	http://secunia.com/advisories/36461	third-party-advisory, x_refsource_SECUNIA
	https://usn.ubuntu.com/823-1/	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/35379	third-party-advisory, x_refsource_SECUNIA
	http://support.apple.com/kb/HT3613	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:182	vendor-advisory, x_refsource_MANDRIVA

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:20:35.242Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-034/"
          },
          {
            "name": "43068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "name": "ADV-2011-0212",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "name": "APPLE-SA-2009-06-08-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
          },
          {
            "name": "35260",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35260"
          },
          {
            "name": "oval:org.mitre.oval:def:10162",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162"
          },
          {
            "name": "RHSA-2009:1130",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1130.html"
          },
          {
            "name": "35576",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35576"
          },
          {
            "name": "ADV-2009-1522",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1522"
          },
          {
            "name": "1022345",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1022345"
          },
          {
            "name": "35334",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35334"
          },
          {
            "name": "55013",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/55013"
          },
          {
            "name": "36461",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36461"
          },
          {
            "name": "USN-823-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/823-1/"
          },
          {
            "name": "SUSE-SR:2011:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "name": "35379",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35379"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3613"
          },
          {
            "name": "MDVSA-2010:182",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:182"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-06-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified \"caches.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-03T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-034/"
        },
        {
          "name": "43068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43068"
        },
        {
          "name": "ADV-2011-0212",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0212"
        },
        {
          "name": "APPLE-SA-2009-06-08-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
        },
        {
          "name": "35260",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35260"
        },
        {
          "name": "oval:org.mitre.oval:def:10162",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162"
        },
        {
          "name": "RHSA-2009:1130",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1130.html"
        },
        {
          "name": "35576",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35576"
        },
        {
          "name": "ADV-2009-1522",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1522"
        },
        {
          "name": "1022345",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1022345"
        },
        {
          "name": "35334",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35334"
        },
        {
          "name": "55013",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/55013"
        },
        {
          "name": "36461",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36461"
        },
        {
          "name": "USN-823-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/823-1/"
        },
        {
          "name": "SUSE-SR:2011:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
        },
        {
          "name": "35379",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35379"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3613"
        },
        {
          "name": "MDVSA-2010:182",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:182"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-1709",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified \"caches.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-09-034/",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-034/"
            },
            {
              "name": "43068",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43068"
            },
            {
              "name": "ADV-2011-0212",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0212"
            },
            {
              "name": "APPLE-SA-2009-06-08-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
            },
            {
              "name": "35260",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35260"
            },
            {
              "name": "oval:org.mitre.oval:def:10162",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162"
            },
            {
              "name": "RHSA-2009:1130",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1130.html"
            },
            {
              "name": "35576",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35576"
            },
            {
              "name": "ADV-2009-1522",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1522"
            },
            {
              "name": "1022345",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1022345"
            },
            {
              "name": "35334",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35334"
            },
            {
              "name": "55013",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/55013"
            },
            {
              "name": "36461",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36461"
            },
            {
              "name": "USN-823-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/823-1/"
            },
            {
              "name": "SUSE-SR:2011:002",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
            },
            {
              "name": "35379",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35379"
            },
            {
              "name": "http://support.apple.com/kb/HT3613",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3613"
            },
            {
              "name": "MDVSA-2010:182",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:182"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-1709",
    "datePublished": "2009-06-10T17:37:00",
    "dateReserved": "2009-05-20T00:00:00",
    "dateUpdated": "2024-08-07T05:20:35.242Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-0945

Vulnerability from cvelistv5

Published

2009-05-13 17:00

Modified

2024-08-07 04:57

Severity ?

Summary

Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption.

References

▼	URL	Tags
	http://www.ubuntu.com/usn/USN-822-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/35805	third-party-advisory, x_refsource_SECUNIA
	http://support.apple.com/kb/HT3639	x_refsource_CONFIRM
	http://secunia.com/advisories/43068	third-party-advisory, x_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html	vendor-advisory, x_refsource_FEDORA
	http://www.vupen.com/english/advisories/2009/1621	vdb-entry, x_refsource_VUPEN
	http://support.apple.com/kb/HT3549	x_refsource_CONFIRM
	http://googlechromereleases.blogspot.com/2009/05/stable-update-bug-fix.html	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0212	vdb-entry, x_refsource_VUPEN
	http://www.securitytracker.com/id?1022207	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/archive/1/503594/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.redhat.com/support/errata/RHSA-2009-1130.html	vendor-advisory, x_refsource_REDHAT
	http://www.vupen.com/english/advisories/2009/1298	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/35576	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/35074	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/37746	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/36790	third-party-advisory, x_refsource_SECUNIA
	http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html	vendor-advisory, x_refsource_APPLE
	http://secunia.com/advisories/35056	third-party-advisory, x_refsource_SECUNIA
	http://www.zerodayinitiative.com/advisories/ZDI-09-022	x_refsource_MISC
	http://www.securityfocus.com/bid/34924	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/36461	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/50477	vdb-entry, x_refsource_XF
	http://lists.apple.com/archives/security-announce/2009/May/msg00000.html	vendor-advisory, x_refsource_APPLE
	https://usn.ubuntu.com/823-1/	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2009/dsa-1950	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/36062	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-857-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.apple.com/archives/security-announce/2009/May/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://www.us-cert.gov/cas/techalerts/TA09-133A.html	third-party-advisory, x_refsource_CERT
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11584	vdb-entry, signature, x_refsource_OVAL
	http://www.vupen.com/english/advisories/2009/1297	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/35095	third-party-advisory, x_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html	vendor-advisory, x_refsource_FEDORA
	http://support.apple.com/kb/HT3550	x_refsource_CONFIRM
	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00303.html	vendor-advisory, x_refsource_FEDORA
	http://www.ubuntu.com/usn/USN-836-1	vendor-advisory, x_refsource_UBUNTU
	http://www.vupen.com/english/advisories/2009/1321	vdb-entry, x_refsource_VUPEN
	http://code.google.com/p/chromium/issues/detail?id=9019	x_refsource_CONFIRM

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:57:17.523Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-822-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-822-1"
          },
          {
            "name": "35805",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35805"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3639"
          },
          {
            "name": "43068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "name": "FEDORA-2009-8039",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html"
          },
          {
            "name": "ADV-2009-1621",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1621"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3549"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2009/05/stable-update-bug-fix.html"
          },
          {
            "name": "ADV-2011-0212",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "name": "1022207",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022207"
          },
          {
            "name": "20090519 ZDI-09-022: Apple Safari Malformed SVGList Parsing Code Execution Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/503594/100/0/threaded"
          },
          {
            "name": "RHSA-2009:1130",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1130.html"
          },
          {
            "name": "ADV-2009-1298",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1298"
          },
          {
            "name": "35576",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35576"
          },
          {
            "name": "35074",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35074"
          },
          {
            "name": "37746",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37746"
          },
          {
            "name": "36790",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36790"
          },
          {
            "name": "APPLE-SA-2009-06-17-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
          },
          {
            "name": "APPLE-SA-2009-05-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
          },
          {
            "name": "35056",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35056"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-022"
          },
          {
            "name": "34924",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34924"
          },
          {
            "name": "36461",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36461"
          },
          {
            "name": "safari-webkit-svglist-bo(50477)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50477"
          },
          {
            "name": "APPLE-SA-2009-05-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00000.html"
          },
          {
            "name": "USN-823-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/823-1/"
          },
          {
            "name": "DSA-1950",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1950"
          },
          {
            "name": "SUSE-SR:2011:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "name": "36062",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36062"
          },
          {
            "name": "USN-857-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-857-1"
          },
          {
            "name": "APPLE-SA-2009-05-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00001.html"
          },
          {
            "name": "TA09-133A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
          },
          {
            "name": "oval:org.mitre.oval:def:11584",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11584"
          },
          {
            "name": "ADV-2009-1297",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1297"
          },
          {
            "name": "35095",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35095"
          },
          {
            "name": "FEDORA-2009-8049",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3550"
          },
          {
            "name": "FEDORA-2009-6166",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00303.html"
          },
          {
            "name": "USN-836-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-836-1"
          },
          {
            "name": "ADV-2009-1321",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1321"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=9019"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-05-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-822-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-822-1"
        },
        {
          "name": "35805",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35805"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3639"
        },
        {
          "name": "43068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43068"
        },
        {
          "name": "FEDORA-2009-8039",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html"
        },
        {
          "name": "ADV-2009-1621",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1621"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3549"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2009/05/stable-update-bug-fix.html"
        },
        {
          "name": "ADV-2011-0212",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0212"
        },
        {
          "name": "1022207",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022207"
        },
        {
          "name": "20090519 ZDI-09-022: Apple Safari Malformed SVGList Parsing Code Execution Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/503594/100/0/threaded"
        },
        {
          "name": "RHSA-2009:1130",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1130.html"
        },
        {
          "name": "ADV-2009-1298",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1298"
        },
        {
          "name": "35576",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35576"
        },
        {
          "name": "35074",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35074"
        },
        {
          "name": "37746",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37746"
        },
        {
          "name": "36790",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36790"
        },
        {
          "name": "APPLE-SA-2009-06-17-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
        },
        {
          "name": "APPLE-SA-2009-05-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
        },
        {
          "name": "35056",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35056"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-022"
        },
        {
          "name": "34924",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34924"
        },
        {
          "name": "36461",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36461"
        },
        {
          "name": "safari-webkit-svglist-bo(50477)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50477"
        },
        {
          "name": "APPLE-SA-2009-05-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00000.html"
        },
        {
          "name": "USN-823-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/823-1/"
        },
        {
          "name": "DSA-1950",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1950"
        },
        {
          "name": "SUSE-SR:2011:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
        },
        {
          "name": "36062",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36062"
        },
        {
          "name": "USN-857-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-857-1"
        },
        {
          "name": "APPLE-SA-2009-05-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00001.html"
        },
        {
          "name": "TA09-133A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
        },
        {
          "name": "oval:org.mitre.oval:def:11584",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11584"
        },
        {
          "name": "ADV-2009-1297",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1297"
        },
        {
          "name": "35095",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35095"
        },
        {
          "name": "FEDORA-2009-8049",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3550"
        },
        {
          "name": "FEDORA-2009-6166",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00303.html"
        },
        {
          "name": "USN-836-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-836-1"
        },
        {
          "name": "ADV-2009-1321",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1321"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=9019"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0945",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-822-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-822-1"
            },
            {
              "name": "35805",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35805"
            },
            {
              "name": "http://support.apple.com/kb/HT3639",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3639"
            },
            {
              "name": "43068",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43068"
            },
            {
              "name": "FEDORA-2009-8039",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html"
            },
            {
              "name": "ADV-2009-1621",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1621"
            },
            {
              "name": "http://support.apple.com/kb/HT3549",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3549"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2009/05/stable-update-bug-fix.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2009/05/stable-update-bug-fix.html"
            },
            {
              "name": "ADV-2011-0212",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0212"
            },
            {
              "name": "1022207",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022207"
            },
            {
              "name": "20090519 ZDI-09-022: Apple Safari Malformed SVGList Parsing Code Execution Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/503594/100/0/threaded"
            },
            {
              "name": "RHSA-2009:1130",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1130.html"
            },
            {
              "name": "ADV-2009-1298",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1298"
            },
            {
              "name": "35576",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35576"
            },
            {
              "name": "35074",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35074"
            },
            {
              "name": "37746",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37746"
            },
            {
              "name": "36790",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36790"
            },
            {
              "name": "APPLE-SA-2009-06-17-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
            },
            {
              "name": "APPLE-SA-2009-05-12",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
            },
            {
              "name": "35056",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35056"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-09-022",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-022"
            },
            {
              "name": "34924",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34924"
            },
            {
              "name": "36461",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36461"
            },
            {
              "name": "safari-webkit-svglist-bo(50477)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50477"
            },
            {
              "name": "APPLE-SA-2009-05-12",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00000.html"
            },
            {
              "name": "USN-823-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/823-1/"
            },
            {
              "name": "DSA-1950",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1950"
            },
            {
              "name": "SUSE-SR:2011:002",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
            },
            {
              "name": "36062",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36062"
            },
            {
              "name": "USN-857-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-857-1"
            },
            {
              "name": "APPLE-SA-2009-05-12",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00001.html"
            },
            {
              "name": "TA09-133A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
            },
            {
              "name": "oval:org.mitre.oval:def:11584",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11584"
            },
            {
              "name": "ADV-2009-1297",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1297"
            },
            {
              "name": "35095",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35095"
            },
            {
              "name": "FEDORA-2009-8049",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html"
            },
            {
              "name": "http://support.apple.com/kb/HT3550",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3550"
            },
            {
              "name": "FEDORA-2009-6166",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00303.html"
            },
            {
              "name": "USN-836-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-836-1"
            },
            {
              "name": "ADV-2009-1321",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1321"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=9019",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=9019"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0945",
    "datePublished": "2009-05-13T17:00:00",
    "dateReserved": "2009-03-18T00:00:00",
    "dateUpdated": "2024-08-07T04:57:17.523Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

rhsa-2009_1130

Vulnerability from csaf_redhat

cve-2009-1709

Vulnerability from cvelistv5

cve-2009-0945

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature