← volver
CVE-2009-1725

CVE-2009-1725

EPSS 6.2%
WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.apple.com/archives/security-announce/2009/Jul/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2009/Sep/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlhttp://osvdb.org/55739https://bugzilla.redhat.com/show_bug.cgi?id=513813http://secunia.com/advisories/35758http://secunia.com/advisories/36057http://secunia.com/advisories/36062http://secunia.com/advisories/36347http://secunia.com/advisories/36677http://secunia.com/advisories/36790http://secunia.com/advisories/37746