var-200906-0590
Vulnerability from variot
WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via a web page containing an HTMLSelectElement object with a large length attribute, related to the length property of a Select object. Apple iPhone and iPod touch are prone to multiple vulnerabilities. Successfully exploiting these issues may allow attackers to bypass security restrictions, obtain sensitive information, or cause denial-of-service conditions. These issues affect the following: iPhone OS 1.0 through 2.2.1 iPhone OS for iPod touch 1.1 through 2.2.1 This BID is being retired. The following individual records have been created to better document these issues: 35433 Apple iPhone and iPod touch MPEG-4 Video Codec Denial of Service Vulnerability 35434 Apple iPhone and iPod touch Mail Client Information Disclosure Weakness 35436 Apple iPhone and iPod touch Configuration Profile Handling Information Disclosure Vulnerability 35425 Apple iPhone Call Approval Dialog Security Bypass Vulnerability 35445 Apple iPhone and iPod touch ICMP Echo Request Remote Denial of Service Vulnerability 35446 Apple iPhone and iPod touch HTMLSelectElement Denial of Service Vulnerability 35447 Apple iPhone and iPod touch Untrusted Certificate Exception Information Disclosure Vulnerability 35448 Apple iPhone and iPod touch Safari Search History Information Disclosure Vulnerability. Browsers from multiple vendors are prone to a denial-of-service vulnerability. There is a memory exhaustion issue when processing HTMLSelectElement objects. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information, conduct cross-site scripting attacks, conduct cross-site request forgery attacks, bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a user's system.
For more information: SA35379 SA35449 SA35581 SA37396
SOLUTION: Apply updated packages. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: Palm Pre WebOS Unspecified Vulnerabilities
SECUNIA ADVISORY ID: SA36977
VERIFY ADVISORY: http://secunia.com/advisories/36977/
DESCRIPTION: Some vulnerabilities have been reported in Palm Pre WebOS, which have unknown impacts.
The vulnerabilities are caused due to unspecified errors. No further information is currently available.
The vulnerabilities are reported in versions prior to 1.2.1.
SOLUTION: Update to version 1.2.1.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://kb.palm.com/wps/portal/kb/na/pre/p100eww/sprint/solutions/article/50607_en.html#121
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA-1950 security@debian.org http://www.debian.org/security/ Giuseppe Iuculano December 12, 2009 http://www.debian.org/security/faq
Package : webkit Vulnerability : several Problem type : remote (local) Debian-specific: no CVE Id : CVE-2009-0945 CVE-2009-1687 CVE-2009-1690 CVE-2009-1698 CVE-2009-1711 CVE-2009-1712 CVE-2009-1725 CVE-2009-1714 CVE-2009-1710 CVE-2009-1697 CVE-2009-1695 CVE-2009-1693 CVE-2009-1694 CVE-2009-1681 CVE-2009-1684 CVE-2009-1692 Debian Bug : 532724 532725 534946 535793 538346
Several vulnerabilities have been discovered in webkit, a Web content engine library for Gtk+. The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2009-0945
Array index error in the insertItemBefore method in WebKit, allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the SVGTransformList, SVGStringList, SVGNumberList, SVGPathSegList, SVGPointList, or SVGLengthList SVGList object, which triggers memory corruption.
CVE-2009-1687
The JavaScript garbage collector in WebKit does not properly handle allocation failures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document that triggers write access to an "offset of a NULL pointer."
CVE-2009-1690
Use-after-free vulnerability in WebKit, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers."
CVE-2009-1698
WebKit does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
CVE-2009-1711
WebKit does not properly initialize memory for Attr DOM objects, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document.
CVE-2009-1712
WebKit does not prevent remote loading of local Java applets, which allows remote attackers to execute arbitrary code, gain privileges, or obtain sensitive information via an APPLET or OBJECT element.
CVE-2009-1725
WebKit do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
CVE-2009-1714
Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit allows user-assisted remote attackers to inject arbitrary web script or HTML, and read local files, via vectors related to the improper escaping of HTML attributes.
CVE-2009-1710
WebKit allows remote attackers to spoof the browser's display of the host name, security indicators, and unspecified other UI elements via a custom cursor in conjunction with a modified CSS3 hotspot property.
CVE-2009-1697
CRLF injection vulnerability in WebKit allows remote attackers to inject HTTP headers and bypass the Same Origin Policy via a crafted HTML document, related to cross-site scripting (XSS) attacks that depend on communication with arbitrary web sites on the same server through use of XMLHttpRequest without a Host header.
CVE-2009-1695
Cross-site scripting (XSS) vulnerability in WebKit allows remote attackers to inject arbitrary web script or HTML via vectors involving access to frame contents after completion of a page transition.
CVE-2009-1693
WebKit allows remote attackers to read images from arbitrary web sites via a CANVAS element with an SVG image, related to a "cross-site image capture issue."
CVE-2009-1694
WebKit does not properly handle redirects, which allows remote attackers to read images from arbitrary web sites via vectors involving a CANVAS element and redirection, related to a "cross-site image capture issue."
CVE-2009-1681
WebKit does not prevent web sites from loading third-party content into a subframe, which allows remote attackers to bypass the Same Origin Policy and conduct "clickjacking" attacks via a crafted HTML document.
CVE-2009-1684
Cross-site scripting (XSS) vulnerability in WebKit allows remote attackers to inject arbitrary web script or HTML via an event handler that triggers script execution in the context of the next loaded document.
For the stable distribution (lenny), these problems has been fixed in version 1.0.1-4+lenny2.
For the testing distribution (squeeze) and the unstable distribution (sid), these problems have been fixed in version 1.1.16-1.
We recommend that you upgrade your webkit package.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
Debian (stable)
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/w/webkit/webkit_1.0.1.orig.tar.gz Size/MD5 checksum: 13418752 4de68a5773998bea14e8939aa341c466
http://security.debian.org/pool/updates/main/w/webkit/webkit_1.0.1-4+lenny2.diff.gz Size/MD5 checksum: 35369 506c8f2fef73a9fc856264f11a3ad27e http://security.debian.org/pool/updates/main/w/webkit/webkit_1.0.1-4+lenny2.dsc Size/MD5 checksum: 1447 b5f01d6428f01d79bfe18338064452ab
Architecture independent packages:
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-dev_1.0.1-4+lenny2_all.deb Size/MD5 checksum: 35164 df682bbcd13389c2f50002c2aaf7347b
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_alpha.deb Size/MD5 checksum: 65193740 fc8b613c9c41ef0f0d3856e7ee3deeae
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_alpha.deb Size/MD5 checksum: 4254938 252b95b962bda11c000f9c0543673c1b
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_amd64.deb Size/MD5 checksum: 3502994 4a96cad1e302e7303d41d6f866215da4
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_amd64.deb Size/MD5 checksum: 62518476 d723a8c76b373026752b6f68e5fc4950
arm architecture (ARM)
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_arm.deb Size/MD5 checksum: 2721324 1fac2f59ffa9e3d7b8697aae262f09e4
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_arm.deb Size/MD5 checksum: 61478724 260faea7d5ba766268faad888b3e61ff
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_armel.deb Size/MD5 checksum: 2770654 5b88754e9804d9290537afdf6127643a
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_armel.deb Size/MD5 checksum: 59892062 99c8f13257a054f42686ab9c6329d490
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_hppa.deb Size/MD5 checksum: 3869020 c61be734b6511788e8cc235a5d672eab
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_hppa.deb Size/MD5 checksum: 63935342 f1db2bd7b5c22e257c74100798017f30
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_i386.deb Size/MD5 checksum: 62161744 f89fc6ac6d1110cabe47dd9184c9a9ca
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_i386.deb Size/MD5 checksum: 3016584 b854f5294527adac80e9776efed37cd7
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_ia64.deb Size/MD5 checksum: 5547624 2bd2100a345089282117317a9ab2e7d1
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_ia64.deb Size/MD5 checksum: 62685224 5eaff5d431cf4a85beeaa0b66c91958c
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_mips.deb Size/MD5 checksum: 3109134 a680a8f105a19bf1b21a5034c14c4822
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_mips.deb Size/MD5 checksum: 64547832 dd440891a1861262bc92deb0a1ead013
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_mipsel.deb Size/MD5 checksum: 2992848 952d643be475c35e253a8757075cd41b
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_mipsel.deb Size/MD5 checksum: 62135970 7cd635047e3f9bd000ff4547a47eaaec
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_s390.deb Size/MD5 checksum: 3456914 6fc856a50b3f899c36381ed8d51af44e
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_s390.deb Size/MD5 checksum: 64385860 98ded86952a2c6714ceba76a4a98c35b
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_sparc.deb Size/MD5 checksum: 63621854 f0dd17453bc09fdc05c119faf2212d70
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_sparc.deb Size/MD5 checksum: 3499170 3f2084d6416459ce1416bd6f6f2845e3
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show
iEYEARECAAYFAksjbAYACgkQNxpp46476aqm7wCaAk6WARfBzzrdYYoxAUKA5weL V5YAmwRkz4XNwdcqnPzdeDzoakljqf1s =DBEQ -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ----------------------------------------------------------------------
Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM).
Request a free trial: http://secunia.com/products/corporate/vim/
TITLE: SUSE update for Multiple Packages
SECUNIA ADVISORY ID: SA43068
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43068/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43068
RELEASE DATE: 2011-01-25
DISCUSS ADVISORY: http://secunia.com/advisories/43068/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43068/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43068
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: SUSE has issued an update for multiple packages, which fixes multiple vulnerabilities
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200906-0590",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.1.5"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.1.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.1.3"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.1.0"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "2.0"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.1.2"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.1.4"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "2.0.0"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.1.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.2"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "1.0 to 2.2.1"
},
{
"model": "ios for ipod touch",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "1.1 to 2.2.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.4"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.3"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.2"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.2"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.4"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.0.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.0.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "0"
},
{
"model": "ipod touch",
"scope": "ne",
"trust": 0.6,
"vendor": "apple",
"version": "3.0"
},
{
"model": "iphone",
"scope": "ne",
"trust": 0.6,
"vendor": "apple",
"version": "3.0"
},
{
"model": "safari",
"scope": null,
"trust": 0.6,
"vendor": "apple",
"version": null
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "0"
},
{
"model": "playstation",
"scope": "eq",
"trust": 0.3,
"vendor": "sony",
"version": "30"
},
{
"model": "in motion blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "88004.2"
},
{
"model": "in motion blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "88004.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20080"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.63"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.62"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.61"
},
{
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.601"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.60"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.52"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.51"
},
{
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.50"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.5"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.27"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.26"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.25"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.24"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.23"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.22"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.21"
},
{
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.201"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.20"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.10"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.02"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"model": "n95 phone",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "0"
},
{
"model": "n82",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "0"
},
{
"model": "n810",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "0"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "8.0.3.3"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "8.0.3.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "8.0.2"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "8.0.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "8.0"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.2"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.01"
},
{
"model": "mac",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.0"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.3"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.2"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.9"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.7"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.3"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.17"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.16"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.10"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.1"
},
{
"model": "firefox beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.05"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.2"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.15"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.14"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.13"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.12"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.11"
},
{
"model": "firefox rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"model": "firefox rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"model": "firefox beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.01"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"model": "midbrowser",
"scope": "eq",
"trust": 0.3,
"vendor": "midbrowser",
"version": "0"
},
{
"model": "internet explorer sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8"
},
{
"model": "internet explorer beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "82"
},
{
"model": "internet explorer beta",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "81"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8"
},
{
"model": "internet explorer beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7.0"
},
{
"model": "internet explorer beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7.0"
},
{
"model": "internet explorer beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7.0"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7.0"
},
{
"model": "internet explorer sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "internet explorer sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.5"
},
{
"model": "internet explorer sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.5"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.5"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "konqueror embedded",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "0.1"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.95"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.5.9"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.5.7"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.5.6"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.5.5"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.5.2"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.5.1"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.3.2"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.3.1"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.3"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.2.3"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.2.2-6"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.2.1"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.5"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.4"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.3"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.2"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.1"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1"
},
{
"model": "konqueror b",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0.5"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0.5"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0.3"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0.2"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0.1"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.2.2"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.2.1"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.1.2"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.1.1"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "4.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.33"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.31"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.30"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.61"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.3.1549"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.2.149.30"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.2.149.29"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.2.149.27"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.65"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.64"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.59"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.55"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.53"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.48"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.46"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.36"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "p8860",
"scope": "eq",
"trust": 0.3,
"vendor": "aigo",
"version": "0"
},
{
"model": "software opera web browser",
"scope": "ne",
"trust": 0.3,
"vendor": "opera",
"version": "9.64"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.5"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.19"
},
{
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.37"
}
],
"sources": [
{
"db": "BID",
"id": "35414"
},
{
"db": "BID",
"id": "35446"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001853"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-317"
},
{
"db": "NVD",
"id": "CVE-2009-1692"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os_for_ipod_touch",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001853"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Oskar Lissheim-BoethiusOliver QuasChristian Schmitz",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200906-317"
}
],
"trust": 0.6
},
"cve": "CVE-2009-1692",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2009-1692",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-39138",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-1692",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2009-1692",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200906-317",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-39138",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-39138"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001853"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-317"
},
{
"db": "NVD",
"id": "CVE-2009-1692"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via a web page containing an HTMLSelectElement object with a large length attribute, related to the length property of a Select object. Apple iPhone and iPod touch are prone to multiple vulnerabilities. \nSuccessfully exploiting these issues may allow attackers to bypass security restrictions, obtain sensitive information, or cause denial-of-service conditions. \nThese issues affect the following:\niPhone OS 1.0 through 2.2.1\niPhone OS for iPod touch 1.1 through 2.2.1\nThis BID is being retired. The following individual records have been created to better document these issues:\n35433 Apple iPhone and iPod touch MPEG-4 Video Codec Denial of Service Vulnerability\n35434 Apple iPhone and iPod touch Mail Client Information Disclosure Weakness\n35436 Apple iPhone and iPod touch Configuration Profile Handling Information Disclosure Vulnerability\n35425 Apple iPhone Call Approval Dialog Security Bypass Vulnerability\n35445 Apple iPhone and iPod touch ICMP Echo Request Remote Denial of Service Vulnerability\n35446 Apple iPhone and iPod touch HTMLSelectElement Denial of Service Vulnerability\n35447 Apple iPhone and iPod touch Untrusted Certificate Exception Information Disclosure Vulnerability\n35448 Apple iPhone and iPod touch Safari Search History Information Disclosure Vulnerability. Browsers from multiple vendors are prone to a denial-of-service vulnerability. There is a memory exhaustion issue when processing HTMLSelectElement objects. This fixes multiple\nvulnerabilities, which can be exploited by malicious people to\ndisclose sensitive information, conduct cross-site scripting attacks,\nconduct cross-site request forgery attacks, bypass certain security\nrestrictions, cause a DoS (Denial of Service), or compromise a user\u0027s\nsystem. \n\nFor more information:\nSA35379\nSA35449\nSA35581\nSA37396\n\nSOLUTION:\nApply updated packages. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nPalm Pre WebOS Unspecified Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA36977\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/36977/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in Palm Pre WebOS, which have\nunknown impacts. \n\nThe vulnerabilities are caused due to unspecified errors. No further\ninformation is currently available. \n\nThe vulnerabilities are reported in versions prior to 1.2.1. \n\nSOLUTION:\nUpdate to version 1.2.1. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://kb.palm.com/wps/portal/kb/na/pre/p100eww/sprint/solutions/article/50607_en.html#121\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1950 security@debian.org\nhttp://www.debian.org/security/ Giuseppe Iuculano\nDecember 12, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : webkit\nVulnerability : several\nProblem type : remote (local)\nDebian-specific: no\nCVE Id : CVE-2009-0945 CVE-2009-1687 CVE-2009-1690 CVE-2009-1698\n CVE-2009-1711 CVE-2009-1712 CVE-2009-1725 CVE-2009-1714\n CVE-2009-1710 CVE-2009-1697 CVE-2009-1695 CVE-2009-1693\n CVE-2009-1694 CVE-2009-1681 CVE-2009-1684 CVE-2009-1692\nDebian Bug : 532724 532725 534946 535793 538346\n\n\nSeveral vulnerabilities have been discovered in webkit, a Web content engine\nlibrary for Gtk+. The Common Vulnerabilities and Exposures project identifies\nthe following problems:\n\nCVE-2009-0945\n\nArray index error in the insertItemBefore method in WebKit, allows remote\nattackers to execute arbitrary code via a document with a SVGPathList data\nstructure containing a negative index in the SVGTransformList, SVGStringList,\nSVGNumberList, SVGPathSegList, SVGPointList, or SVGLengthList SVGList object,\nwhich triggers memory corruption. \n\n\nCVE-2009-1687\n\nThe JavaScript garbage collector in WebKit does not properly handle allocation\nfailures, which allows remote attackers to execute arbitrary code or cause a\ndenial of service (memory corruption and application crash) via a crafted HTML\ndocument that triggers write access to an \"offset of a NULL pointer.\"\n\n\nCVE-2009-1690\n\nUse-after-free vulnerability in WebKit, allows remote attackers to execute\narbitrary code or cause a denial of service (memory corruption and application\ncrash) by setting an unspecified property of an HTML tag that causes child\nelements to be freed and later accessed when an HTML error occurs, related to\n\"recursion in certain DOM event handlers.\"\n\n\nCVE-2009-1698\n\nWebKit does not initialize a pointer during handling of a Cascading Style Sheets\n(CSS) attr function call with a large numerical argument, which allows remote\nattackers to execute arbitrary code or cause a denial of service (memory\ncorruption and application crash) via a crafted HTML document. \n\n\nCVE-2009-1711\n\nWebKit does not properly initialize memory for Attr DOM objects, which allows\nremote attackers to execute arbitrary code or cause a denial of service\n(application crash) via a crafted HTML document. \n\n\nCVE-2009-1712\n\nWebKit does not prevent remote loading of local Java applets, which allows\nremote attackers to execute arbitrary code, gain privileges, or obtain sensitive\ninformation via an APPLET or OBJECT element. \n\n\nCVE-2009-1725\n\nWebKit do not properly handle numeric character references, which allows remote\nattackers to execute arbitrary code or cause a denial of service (memory\ncorruption and application crash) via a crafted HTML document. \n\n\nCVE-2009-1714\n\nCross-site scripting (XSS) vulnerability in Web Inspector in WebKit allows\nuser-assisted remote attackers to inject arbitrary web script or HTML, and read\nlocal files, via vectors related to the improper escaping of HTML attributes. \n\n\nCVE-2009-1710\n\nWebKit allows remote attackers to spoof the browser\u0027s display of the host name,\nsecurity indicators, and unspecified other UI elements via a custom cursor in\nconjunction with a modified CSS3 hotspot property. \n\n\nCVE-2009-1697\n\nCRLF injection vulnerability in WebKit allows remote attackers to inject HTTP\nheaders and bypass the Same Origin Policy via a crafted HTML document, related\nto cross-site scripting (XSS) attacks that depend on communication with\narbitrary web sites on the same server through use of XMLHttpRequest without a\nHost header. \n\n\nCVE-2009-1695\n\nCross-site scripting (XSS) vulnerability in WebKit allows remote attackers to\ninject arbitrary web script or HTML via vectors involving access to frame\ncontents after completion of a page transition. \n\n\nCVE-2009-1693\n\nWebKit allows remote attackers to read images from arbitrary web sites via a\nCANVAS element with an SVG image, related to a \"cross-site image capture issue.\"\n\n\nCVE-2009-1694\n\nWebKit does not properly handle redirects, which allows remote attackers to read\nimages from arbitrary web sites via vectors involving a CANVAS element and\nredirection, related to a \"cross-site image capture issue.\"\n\n\nCVE-2009-1681\n\nWebKit does not prevent web sites from loading third-party content into a\nsubframe, which allows remote attackers to bypass the Same Origin Policy and\nconduct \"clickjacking\" attacks via a crafted HTML document. \n\n\nCVE-2009-1684\n\nCross-site scripting (XSS) vulnerability in WebKit allows remote attackers to\ninject arbitrary web script or HTML via an event handler that triggers script\nexecution in the context of the next loaded document. \n\n\n\nFor the stable distribution (lenny), these problems has been fixed in\nversion 1.0.1-4+lenny2. \n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 1.1.16-1. \n\n\nWe recommend that you upgrade your webkit package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64,\nmips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/w/webkit/webkit_1.0.1.orig.tar.gz\n Size/MD5 checksum: 13418752 4de68a5773998bea14e8939aa341c466\n\nhttp://security.debian.org/pool/updates/main/w/webkit/webkit_1.0.1-4+lenny2.diff.gz\n Size/MD5 checksum: 35369 506c8f2fef73a9fc856264f11a3ad27e\n http://security.debian.org/pool/updates/main/w/webkit/webkit_1.0.1-4+lenny2.dsc\n Size/MD5 checksum: 1447 b5f01d6428f01d79bfe18338064452ab\n\nArchitecture independent packages:\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-dev_1.0.1-4+lenny2_all.deb\n Size/MD5 checksum: 35164 df682bbcd13389c2f50002c2aaf7347b\n\nalpha architecture (DEC Alpha)\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_alpha.deb\n Size/MD5 checksum: 65193740 fc8b613c9c41ef0f0d3856e7ee3deeae\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_alpha.deb\n Size/MD5 checksum: 4254938 252b95b962bda11c000f9c0543673c1b\n\namd64 architecture (AMD x86_64 (AMD64))\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_amd64.deb\n Size/MD5 checksum: 3502994 4a96cad1e302e7303d41d6f866215da4\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_amd64.deb\n Size/MD5 checksum: 62518476 d723a8c76b373026752b6f68e5fc4950\n\narm architecture (ARM)\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_arm.deb\n Size/MD5 checksum: 2721324 1fac2f59ffa9e3d7b8697aae262f09e4\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_arm.deb\n Size/MD5 checksum: 61478724 260faea7d5ba766268faad888b3e61ff\n\narmel architecture (ARM EABI)\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_armel.deb\n Size/MD5 checksum: 2770654 5b88754e9804d9290537afdf6127643a\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_armel.deb\n Size/MD5 checksum: 59892062 99c8f13257a054f42686ab9c6329d490\n\nhppa architecture (HP PA RISC)\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_hppa.deb\n Size/MD5 checksum: 3869020 c61be734b6511788e8cc235a5d672eab\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_hppa.deb\n Size/MD5 checksum: 63935342 f1db2bd7b5c22e257c74100798017f30\n\ni386 architecture (Intel ia32)\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_i386.deb\n Size/MD5 checksum: 62161744 f89fc6ac6d1110cabe47dd9184c9a9ca\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_i386.deb\n Size/MD5 checksum: 3016584 b854f5294527adac80e9776efed37cd7\n\nia64 architecture (Intel ia64)\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_ia64.deb\n Size/MD5 checksum: 5547624 2bd2100a345089282117317a9ab2e7d1\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_ia64.deb\n Size/MD5 checksum: 62685224 5eaff5d431cf4a85beeaa0b66c91958c\n\nmips architecture (MIPS (Big Endian))\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_mips.deb\n Size/MD5 checksum: 3109134 a680a8f105a19bf1b21a5034c14c4822\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_mips.deb\n Size/MD5 checksum: 64547832 dd440891a1861262bc92deb0a1ead013\n\nmipsel architecture (MIPS (Little Endian))\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_mipsel.deb\n Size/MD5 checksum: 2992848 952d643be475c35e253a8757075cd41b\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_mipsel.deb\n Size/MD5 checksum: 62135970 7cd635047e3f9bd000ff4547a47eaaec\n\ns390 architecture (IBM S/390)\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_s390.deb\n Size/MD5 checksum: 3456914 6fc856a50b3f899c36381ed8d51af44e\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_s390.deb\n Size/MD5 checksum: 64385860 98ded86952a2c6714ceba76a4a98c35b\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_sparc.deb\n Size/MD5 checksum: 63621854 f0dd17453bc09fdc05c119faf2212d70\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_sparc.deb\n Size/MD5 checksum: 3499170 3f2084d6416459ce1416bd6f6f2845e3\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (GNU/Linux)\n\niEYEARECAAYFAksjbAYACgkQNxpp46476aqm7wCaAk6WARfBzzrdYYoxAUKA5weL\nV5YAmwRkz4XNwdcqnPzdeDzoakljqf1s\n=DBEQ\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ----------------------------------------------------------------------\n\n\nSecure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). \n\nRequest a free trial: \nhttp://secunia.com/products/corporate/vim/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nSUSE update for Multiple Packages\n\nSECUNIA ADVISORY ID:\nSA43068\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43068/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43068\n\nRELEASE DATE:\n2011-01-25\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43068/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43068/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43068\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nSUSE has issued an update for multiple packages, which fixes multiple\nvulnerabilities",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1692"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001853"
},
{
"db": "BID",
"id": "35414"
},
{
"db": "BID",
"id": "35446"
},
{
"db": "VULHUB",
"id": "VHN-39138"
},
{
"db": "PACKETSTORM",
"id": "83813"
},
{
"db": "PACKETSTORM",
"id": "81850"
},
{
"db": "PACKETSTORM",
"id": "83759"
},
{
"db": "PACKETSTORM",
"id": "97846"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-1692",
"trust": 2.9
},
{
"db": "BID",
"id": "35446",
"trust": 2.8
},
{
"db": "VUPEN",
"id": "ADV-2009-1621",
"trust": 2.5
},
{
"db": "OSVDB",
"id": "55242",
"trust": 2.5
},
{
"db": "BID",
"id": "35414",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "37746",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "43068",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "36977",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2011-0212",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "9160",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001853",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200906-317",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "79310",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-39138",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83813",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "81850",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83759",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "97846",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-39138"
},
{
"db": "BID",
"id": "35414"
},
{
"db": "BID",
"id": "35446"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001853"
},
{
"db": "PACKETSTORM",
"id": "83813"
},
{
"db": "PACKETSTORM",
"id": "81850"
},
{
"db": "PACKETSTORM",
"id": "83759"
},
{
"db": "PACKETSTORM",
"id": "97846"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-317"
},
{
"db": "NVD",
"id": "CVE-2009-1692"
}
]
},
"id": "VAR-200906-0590",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-39138"
}
],
"trust": 0.38125
},
"last_update_date": "2024-11-23T21:14:04.936000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT3639",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT3639"
},
{
"title": "HT3639",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT3639?viewlocale=ja_JP"
},
{
"title": "Apple iPhone Remediation of resource management error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=203138"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001853"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-317"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-39138"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001853"
},
{
"db": "NVD",
"id": "CVE-2009-1692"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/35446"
},
{
"trust": 2.5,
"url": "http://osvdb.org/55242"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"trust": 2.3,
"url": "http://support.apple.com/kb/ht3639"
},
{
"trust": 2.0,
"url": "http://www.g-sec.lu/one-bug-to-rule-them-all.html"
},
{
"trust": 1.8,
"url": "http://kb.palm.com/wps/portal/kb/na/pre/p100eww/sprint/solutions/article/50607_en.html#121"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2009/dsa-1950"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00005.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/35414"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/504989/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/504988/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/504969/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/505006/100/0/threaded"
},
{
"trust": 1.7,
"url": "https://www.exploit-db.com/exploits/9160"
},
{
"trust": 1.7,
"url": "https://bugs.webkit.org/show_bug.cgi?id=23319"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/36977"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/37746"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/43068"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2011/0212"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1692"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1692"
},
{
"trust": 0.6,
"url": "http://www.apple.com/iphone/"
},
{
"trust": 0.6,
"url": "http://www.apple.com/ipodtouch/"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/en/security/advisories?name=mdvsa-2009:346"
},
{
"trust": 0.3,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_hppa.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_alpha.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_mipsel.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_mipsel.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_armel.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_alpha.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_arm.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-dev_1.0.1-4+lenny2_all.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_arm.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/webkit_1.0.1-4+lenny2.dsc"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_amd64.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_hppa.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_i386.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_s390.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_s390.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_mips.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/webkit_1.0.1.orig.tar.gz"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_i386.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_amd64.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_sparc.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_sparc.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_ia64.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_armel.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/webkit_1.0.1-4+lenny2.diff.gz"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_mips.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/37746/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/35379/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/35449/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/35581/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/37396/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36977/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1697"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1712"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1687"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1698"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1690"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1681"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1692"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0945"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1714"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1694"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1710"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1693"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1684"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1711"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1695"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1725"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43068"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43068/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43068/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-39138"
},
{
"db": "BID",
"id": "35414"
},
{
"db": "BID",
"id": "35446"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001853"
},
{
"db": "PACKETSTORM",
"id": "83813"
},
{
"db": "PACKETSTORM",
"id": "81850"
},
{
"db": "PACKETSTORM",
"id": "83759"
},
{
"db": "PACKETSTORM",
"id": "97846"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-317"
},
{
"db": "NVD",
"id": "CVE-2009-1692"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-39138"
},
{
"db": "BID",
"id": "35414"
},
{
"db": "BID",
"id": "35446"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001853"
},
{
"db": "PACKETSTORM",
"id": "83813"
},
{
"db": "PACKETSTORM",
"id": "81850"
},
{
"db": "PACKETSTORM",
"id": "83759"
},
{
"db": "PACKETSTORM",
"id": "97846"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-317"
},
{
"db": "NVD",
"id": "CVE-2009-1692"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-06-19T00:00:00",
"db": "VULHUB",
"id": "VHN-39138"
},
{
"date": "2009-06-17T00:00:00",
"db": "BID",
"id": "35414"
},
{
"date": "2009-06-17T00:00:00",
"db": "BID",
"id": "35446"
},
{
"date": "2009-08-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001853"
},
{
"date": "2009-12-14T16:22:20",
"db": "PACKETSTORM",
"id": "83813"
},
{
"date": "2009-10-07T05:27:37",
"db": "PACKETSTORM",
"id": "81850"
},
{
"date": "2009-12-13T23:35:12",
"db": "PACKETSTORM",
"id": "83759"
},
{
"date": "2011-01-25T03:59:20",
"db": "PACKETSTORM",
"id": "97846"
},
{
"date": "2009-06-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200906-317"
},
{
"date": "2009-06-19T16:30:00.377000",
"db": "NVD",
"id": "CVE-2009-1692"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-39138"
},
{
"date": "2009-06-19T23:09:00",
"db": "BID",
"id": "35414"
},
{
"date": "2015-03-19T08:42:00",
"db": "BID",
"id": "35446"
},
{
"date": "2009-08-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001853"
},
{
"date": "2022-08-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200906-317"
},
{
"date": "2024-11-21T01:03:06.370000",
"db": "NVD",
"id": "CVE-2009-1692"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "35414"
},
{
"db": "BID",
"id": "35446"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebKit Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001853"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200906-317"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.