ByteOS Network

NVD Vulnerability Details :

CVE-2009-1690

Modified

Source-cve@mitre.org

Published At-10 Jun, 2009 | 14:30

Updated At-23 May, 2021 | 00:52

Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers."

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C

Hyperlink	Source	Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=803	cve@mitre.org	N/A
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html	cve@mitre.org	Patch Vendor Advisory
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html	cve@mitre.org	Patch Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	cve@mitre.org	N/A
http://osvdb.org/54990	cve@mitre.org	N/A
http://secunia.com/advisories/35379	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/36057	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/36062	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/36790	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/37746	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/43068	cve@mitre.org	Vendor Advisory
http://securitytracker.com/id?1022345	cve@mitre.org	Patch
http://support.apple.com/kb/HT3613	cve@mitre.org	Patch Vendor Advisory
http://support.apple.com/kb/HT3639	cve@mitre.org	Patch Vendor Advisory
http://www.debian.org/security/2009/dsa-1950	cve@mitre.org	N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2009:330	cve@mitre.org	N/A
http://www.securityfocus.com/bid/35260	cve@mitre.org	Exploit Patch
http://www.ubuntu.com/usn/USN-822-1	cve@mitre.org	N/A
http://www.ubuntu.com/usn/USN-836-1	cve@mitre.org	N/A
http://www.ubuntu.com/usn/USN-857-1	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2009/1522	cve@mitre.org	Patch Vendor Advisory
http://www.vupen.com/english/advisories/2009/1621	cve@mitre.org	Vendor Advisory
http://www.vupen.com/english/advisories/2011/0212	cve@mitre.org	Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11009	cve@mitre.org	N/A
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html	cve@mitre.org	N/A
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html	cve@mitre.org	N/A
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html	cve@mitre.org	N/A
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html	cve@mitre.org	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History