CVE-2009-1686

NONECVSS 0.0

0.0

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle constant (aka const) declarations in a type-conversion operation during JavaScript exception handling, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.

🔗 References (28)

cve@mitrehttp://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
cve@mitrehttp://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
cve@mitrehttp://osvdb.org/54984
cve@mitrehttp://secunia.com/advisories/35379
cve@mitrehttp://secunia.com/advisories/43068
cve@mitrehttp://securitytracker.com/id?1022345
cve@mitrehttp://support.apple.com/kb/HT3613
cve@mitrehttp://support.apple.com/kb/HT3639
cve@mitrehttp://www.securityfocus.com/bid/35260
cve@mitrehttp://www.securityfocus.com/bid/35311
cve@mitrehttp://www.vupen.com/english/advisories/2009/1522
cve@mitrehttp://www.vupen.com/english/advisories/2009/1621
cve@mitrehttp://www.vupen.com/english/advisories/2011/0212
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html

Is Your Infrastructure Affected by CVE-2009-1686?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-1686

📅 Published

🔄 Last Modified

🔗 References (28)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-1686?