← back
CVE-2009-1704

CVE-2009-1704

EPSS 2.5%
CFNetwork in Apple Safari before 4.0 misinterprets downloaded image files as local HTML documents in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript code by placing it in an image file.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.htmlhttp://osvdb.org/55010http://secunia.com/advisories/35379http://securitytracker.com/id?1022343http://support.apple.com/kb/HT3613http://www.securityfocus.com/bid/35260http://www.securityfocus.com/bid/35344http://www.vupen.com/english/advisories/2009/1522