CVE-2009-1701

high

Description

Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by destroying a document.body element that has an unspecified XML container with elements that support the dir attribute.

References

http://www.zerodayinitiative.com/advisories/ZDI-09-033/

http://www.vupen.com/english/advisories/2011/0212

http://www.vupen.com/english/advisories/2009/1621

http://www.vupen.com/english/advisories/2009/1522

http://www.securityfocus.com/bid/35325

http://www.securityfocus.com/archive/1/504172/100/0/threaded

http://support.apple.com/kb/HT3639

http://support.apple.com/kb/HT3613

http://securitytracker.com/id?1022345

http://secunia.com/advisories/43068

http://secunia.com/advisories/35379

http://osvdb.org/55008

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html

http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html

Details

Source: Mitre, NVD

Published: 2009-06-10

Updated: 2022-08-09

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High