← back
CVE-2009-1701

CVE-2009-1701

EPSS 7.7%
Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by destroying a document.body element that has an unspecified XML container with elements that support the dir attribute.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2009/Jun/msg00005.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlhttp://osvdb.org/55008http://secunia.com/advisories/35379http://secunia.com/advisories/43068http://securitytracker.com/id?1022345http://support.apple.com/kb/HT3613http://support.apple.com/kb/HT3639http://www.securityfocus.com/archive/1/504172/100/0/threadedhttp://www.securityfocus.com/bid/35260http://www.securityfocus.com/bid/35325