CVE-2009-1692

2009-06-19 18:30:00 2018-10-10 21:37:53

WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via a web page containing an HTMLSelectElement object with a large length attribute, related to the length property of a Select object.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

COMPLETE

Apple iPhone OS 2.2 Apple iPhone OS 2.1.1 Apple iPhone OS 2.1 Apple iPhone OS 2.0.2 Apple iPhone OS 2.0.1 Apple iPhone OS 2.0.0 Apple iPhone OS 2.0 Apple iPhone OS 1.1.5 Apple iPhone OS 1.1.4 Apple iPhone OS 1.1.3 Apple iPhone OS 1.1.2 Apple iPhone OS 1.1.1 Apple iPhone OS 1.1.0 Apple iPhone OS 1.0.2 Apple iPhone OS 1.0.1 Apple iPhone OS 1.0.0 Apple iPhone OS 2.2.1

Apple Safari

Apple iPod Touch Apple iPhone

Apple - Iphone os Apple - Ipod touch Apple - Iphone Apple - Safari

Advisory	Patch	Confirmed	Link
			9160
			https://bugs.webkit.org/show_bug.cgi?id=23319
			ADV-2011-0212
			35414
			35446
			ADV-2009-1621
			20090716 Re[2]: [GSEC-TZO-44-2009] One bug to rule them ...
			20090715 Re: [GSEC-TZO-44-2009] One bug to rule them all...
			20090715 [GSEC-TZO-44-2009] One bug to rule them all - F...
			20090715 Re:[GSEC-TZO-44-2009] One bug to rule them all ...
			DSA-1950
			http://www.g-sec.lu/one-bug-to-rule-them-all.html
			http://support.apple.com/kb/HT3639
			SUSE-SR:2011:002
			APPLE-SA-2009-06-17-1
			http://kb.palm.com/wps/portal/kb/na/pre/p100eww/sprint/s...

CVE-2009-1692

2009-06-19 18:30:00 2018-10-10 21:37:53

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Resource Management Errors (ID 399)