var-200906-0599
Vulnerability from variot
KDE Konqueror allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. KDE Konqueror There is a service disruption ( Memory consumption ) There is a vulnerability that becomes a condition. Browsers from multiple vendors are prone to a denial-of-service vulnerability. Successfully exploiting this issue may allow attackers to crash an affected application. NOTE: This issue was previously covered in BID 35414 (Apple iPhone and iPod touch Prior to Version 3.0 Multiple Vulnerabilities), but has been assigned its own record to better document it. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: Fedora update for kdelibs
SECUNIA ADVISORY ID: SA36062
VERIFY ADVISORY: http://secunia.com/advisories/36062/
DESCRIPTION: Fedora has issued an update for kdelibs. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
For more information: SA35581 SA35991
SOLUTION: Apply updated packages via the yum utility ("yum update kdelibs").
ORIGINAL ADVISORY: FEDORA-2009-8049: https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html
FEDORA-2009-8039: https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html
OTHER REFERENCES: SA35581: http://secunia.com/advisories/35581/
SA35991: http://secunia.com/advisories/35991/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
This update provides a solution to this vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2010:027 http://www.mandriva.com/security/
Package : kdelibs4 Date : January 27, 2010 Affected: 2009.1
Problem Description:
Multiple vulnerabilities was discovered and corrected in kdelibs4:
KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a \'\0\' (NUL) character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2009-2702).
The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle allocation failures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document that triggers write access to an offset of a NULL pointer. (CVE-2009-1687).
WebKit in Apple Safari before 4.0.2, KHTML in kdelibs in KDE, QtWebKit (aka Qt toolkit), and possibly other products does not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document (CVE-2009-1725).
Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to recursion in certain DOM event handlers. (CVE-2009-1690).
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document (CVE-2009-1698). (CVE-2009-0689).
WebKit, as used in Safari before 3.2.3 and 4 Public Beta, on Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 and Windows allows remote attackers to execute arbitrary code via a crafted SVGList object that triggers memory corruption (CVE-2009-0945).
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2702 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1687 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1725 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1690 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1698 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2537 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0945
Updated Packages:
Mandriva Linux 2009.1: c08161eacba6cdb1b0ba26babe5f8cc5 2009.1/i586/kdelibs4-core-4.2.4-0.8mdv2009.1.i586.rpm 933468cf4109252dac5119edd958f73d 2009.1/i586/kdelibs4-devel-4.2.4-0.8mdv2009.1.i586.rpm 96703a0ef0baf299647ff27d64cb0680 2009.1/i586/libkde3support4-4.2.4-0.8mdv2009.1.i586.rpm e5f60ba41e5919fa77c313b204e1f712 2009.1/i586/libkdecore5-4.2.4-0.8mdv2009.1.i586.rpm cf8af6e467cd1585c44e1cce01362526 2009.1/i586/libkdefakes5-4.2.4-0.8mdv2009.1.i586.rpm 1c9c04b5f6c0c59d2e5860b077e0c6e3 2009.1/i586/libkdesu5-4.2.4-0.8mdv2009.1.i586.rpm 89fe7c33c7e5bcc23595560ae4664bf6 2009.1/i586/libkdeui5-4.2.4-0.8mdv2009.1.i586.rpm 30b73ef58ac3a45ff86756ad09d0d555 2009.1/i586/libkdnssd4-4.2.4-0.8mdv2009.1.i586.rpm a1f00af00ea7e52d9f187f1fe5ccdfe2 2009.1/i586/libkfile4-4.2.4-0.8mdv2009.1.i586.rpm 553486988b945307ee038cb41dcb76e6 2009.1/i586/libkhtml5-4.2.4-0.8mdv2009.1.i586.rpm 9d9501ff70e709c5ea32b35aa985688a 2009.1/i586/libkimproxy4-4.2.4-0.8mdv2009.1.i586.rpm a2ec3f440eb6cf545abbc63a3d34c1e5 2009.1/i586/libkio5-4.2.4-0.8mdv2009.1.i586.rpm 4168e955b60a5a69d8f1e085b30d0424 2009.1/i586/libkjs4-4.2.4-0.8mdv2009.1.i586.rpm bfcece9c73348c6415c48ec266877908 2009.1/i586/libkjsapi4-4.2.4-0.8mdv2009.1.i586.rpm 228ca7dc2a86fdc868a5937b16a7a08c 2009.1/i586/libkjsembed4-4.2.4-0.8mdv2009.1.i586.rpm f6297ae0630eb6207895df9f2f971eb6 2009.1/i586/libkmediaplayer4-4.2.4-0.8mdv2009.1.i586.rpm cf6113c17858d5e6e3c0e04622f8a66c 2009.1/i586/libknewstuff2_4-4.2.4-0.8mdv2009.1.i586.rpm da55a2f428ad020834f7b91c0023ecf6 2009.1/i586/libknotifyconfig4-4.2.4-0.8mdv2009.1.i586.rpm 9fef466138ff78a3d6d3244998a9ba30 2009.1/i586/libkntlm4-4.2.4-0.8mdv2009.1.i586.rpm 4f7c0ad254ec1990f5dab1c0b959629d 2009.1/i586/libkparts4-4.2.4-0.8mdv2009.1.i586.rpm 8c58d6a9a6ec7fc21f287b2f4c2e9858 2009.1/i586/libkpty4-4.2.4-0.8mdv2009.1.i586.rpm 8ed500d050b95560d7eff6db26fa05ee 2009.1/i586/libkrosscore4-4.2.4-0.8mdv2009.1.i586.rpm 2d8d12d8a7bbfe18f6b04b9807795077 2009.1/i586/libkrossui4-4.2.4-0.8mdv2009.1.i586.rpm 8cc5c226e381b122983440b3440c1476 2009.1/i586/libktexteditor4-4.2.4-0.8mdv2009.1.i586.rpm 3c53941130fb8cc6d12b8cdea488f536 2009.1/i586/libkunittest4-4.2.4-0.8mdv2009.1.i586.rpm 3996bfcff0b2465c39c6ccdb8367f401 2009.1/i586/libkutils4-4.2.4-0.8mdv2009.1.i586.rpm 129a26ab20c792994113b5db00b7f7c4 2009.1/i586/libnepomuk4-4.2.4-0.8mdv2009.1.i586.rpm 0b88090e1cba0db59a3fb85c34e6b726 2009.1/i586/libplasma3-4.2.4-0.8mdv2009.1.i586.rpm 79b484a6c8e20db156fbe130c81e2001 2009.1/i586/libsolid4-4.2.4-0.8mdv2009.1.i586.rpm ddd09e03af15f421b2e38b6f06c0247a 2009.1/i586/libthreadweaver4-4.2.4-0.8mdv2009.1.i586.rpm fe70dc01416cc986d1e19c15a0b5cfa7 2009.1/SRPMS/kdelibs4-4.2.4-0.8mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64: 89f77418ccda86b51c7d32d011e88e9b 2009.1/x86_64/kdelibs4-core-4.2.4-0.8mdv2009.1.x86_64.rpm d0b009e595350648b12cca1ee094802e 2009.1/x86_64/kdelibs4-devel-4.2.4-0.8mdv2009.1.x86_64.rpm 03db494c356e0b0823ddf697d42c0f50 2009.1/x86_64/lib64kde3support4-4.2.4-0.8mdv2009.1.x86_64.rpm 6d98531ba95a096fd49801f7df452776 2009.1/x86_64/lib64kdecore5-4.2.4-0.8mdv2009.1.x86_64.rpm bf3845f586eeeaafab5e25442f4d8950 2009.1/x86_64/lib64kdefakes5-4.2.4-0.8mdv2009.1.x86_64.rpm b9767fb69262886d60a7844ad6569e27 2009.1/x86_64/lib64kdesu5-4.2.4-0.8mdv2009.1.x86_64.rpm d709c9fb8874c432d1b4e415e9c06858 2009.1/x86_64/lib64kdeui5-4.2.4-0.8mdv2009.1.x86_64.rpm 6d062780a7629eed7e93ab9e66daf633 2009.1/x86_64/lib64kdnssd4-4.2.4-0.8mdv2009.1.x86_64.rpm f39c44bc7572d06921061c0ac5ef78c9 2009.1/x86_64/lib64kfile4-4.2.4-0.8mdv2009.1.x86_64.rpm 90f8ecd4967830ebff3b81732162fe33 2009.1/x86_64/lib64khtml5-4.2.4-0.8mdv2009.1.x86_64.rpm 005d7de69a0063a8dc396b9dffdf20ed 2009.1/x86_64/lib64kimproxy4-4.2.4-0.8mdv2009.1.x86_64.rpm 3924d83bf43990f7a7ba5d2eea29ef5d 2009.1/x86_64/lib64kio5-4.2.4-0.8mdv2009.1.x86_64.rpm 9124f0ce5f1643e4310ef0bfc5fda970 2009.1/x86_64/lib64kjs4-4.2.4-0.8mdv2009.1.x86_64.rpm 573504d0c305e757b3c163b9132264e4 2009.1/x86_64/lib64kjsapi4-4.2.4-0.8mdv2009.1.x86_64.rpm 917e5b175a3a5480e848dee6201e99d9 2009.1/x86_64/lib64kjsembed4-4.2.4-0.8mdv2009.1.x86_64.rpm 604cce29c11b2452b2744ff72e248b7c 2009.1/x86_64/lib64kmediaplayer4-4.2.4-0.8mdv2009.1.x86_64.rpm bd75d3e4feaa98a3659ae5d113fe45f6 2009.1/x86_64/lib64knewstuff2_4-4.2.4-0.8mdv2009.1.x86_64.rpm 0a7d48b91c673f5908ce2d47a77746e2 2009.1/x86_64/lib64knotifyconfig4-4.2.4-0.8mdv2009.1.x86_64.rpm a91967cfec8b470cc7520ac17590d41b 2009.1/x86_64/lib64kntlm4-4.2.4-0.8mdv2009.1.x86_64.rpm 0159bb033c507f20fb8bd77a7a8be43a 2009.1/x86_64/lib64kparts4-4.2.4-0.8mdv2009.1.x86_64.rpm a062d0124cdea9dfcafb82ed2c5dfd54 2009.1/x86_64/lib64kpty4-4.2.4-0.8mdv2009.1.x86_64.rpm 8c0950479a23531a03836f7744d6b90d 2009.1/x86_64/lib64krosscore4-4.2.4-0.8mdv2009.1.x86_64.rpm ca61efacf989bd4421d2c88abc440e3f 2009.1/x86_64/lib64krossui4-4.2.4-0.8mdv2009.1.x86_64.rpm bcd31e87995de0f86ad9c363e87ea0d4 2009.1/x86_64/lib64ktexteditor4-4.2.4-0.8mdv2009.1.x86_64.rpm 23a0f2c640a20dd1be2b4475a9102cd6 2009.1/x86_64/lib64kunittest4-4.2.4-0.8mdv2009.1.x86_64.rpm e49987a6d8016b6ac39011b6cac0b570 2009.1/x86_64/lib64kutils4-4.2.4-0.8mdv2009.1.x86_64.rpm 90d6806fa9dcd2ac1b71fc3b72dd4f81 2009.1/x86_64/lib64nepomuk4-4.2.4-0.8mdv2009.1.x86_64.rpm 4808080c578223d0bcb156e78f5d661f 2009.1/x86_64/lib64plasma3-4.2.4-0.8mdv2009.1.x86_64.rpm e8cecb137634dfc738617b67a6d34122 2009.1/x86_64/lib64solid4-4.2.4-0.8mdv2009.1.x86_64.rpm 35c8778eaaa5465a8f15c27a57d8ed60 2009.1/x86_64/lib64threadweaver4-4.2.4-0.8mdv2009.1.x86_64.rpm fe70dc01416cc986d1e19c15a0b5cfa7 2009.1/SRPMS/kdelibs4-4.2.4-0.8mdv2009.1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
iD8DBQFLX/3wmqjQ0CJFipgRApr4AKC7I0w56Y9GFgmZeeNIeUDGaXgxHQCg6N5C YuntVxGlOXktJ3qUQl1SZ1Y= =5Avg -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
This update upgrades KDE in Mandriva Linux 2008.0 to version 3.5.10, which brings many bugfixes, overall improvements and many security fixes.
kdegraphics contains security fixes for CVE-2009-3603,3604,3605,3606,3608,3609,0146,0147,0165,0166,0799,0800,1179,1180,1181,1182,1183
kdelibs contains security fixes for CVE-2009-0689,1687,1690,1698,2702,1725,2537
Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200906-0599", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "konqueror", "scope": null, "trust": 1.4, "vendor": "kde", "version": null }, { "model": "konqueror", "scope": "eq", "trust": 1.0, "vendor": "kde", "version": "*" }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "0" }, { "model": "playstation", "scope": "eq", "trust": 0.3, "vendor": "sony", "version": "30" }, { "model": "in motion blackberry", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "88004.2" }, { "model": "in motion blackberry", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "88004.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "pardus", "version": "20080" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.63" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.62" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.61" }, { "model": "software opera web browser beta", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.601" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.60" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.52" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.51" }, { "model": "software opera web browser beta", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.50" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.5" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.27" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.26" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.25" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.24" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.23" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.22" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.21" }, { "model": "software opera web browser beta", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.201" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.20" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.10" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.02" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.01" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9" }, { "model": "n95 phone", "scope": "eq", "trust": 0.3, "vendor": "nokia", "version": "0" }, { "model": "n82", "scope": "eq", "trust": 0.3, "vendor": "nokia", "version": "0" }, { "model": "n810", "scope": "eq", "trust": 0.3, "vendor": "nokia", "version": "0" }, { "model": "netscape", "scope": "eq", "trust": 0.3, "vendor": "netscape", "version": "8.0.3.3" }, { "model": "netscape", "scope": "eq", "trust": 0.3, "vendor": "netscape", "version": "8.0.3.1" }, { "model": "netscape", "scope": "eq", "trust": 0.3, "vendor": "netscape", "version": "8.0.2" }, { "model": "netscape", "scope": "eq", "trust": 0.3, "vendor": "netscape", "version": "8.0.1" }, { "model": "netscape", "scope": "eq", "trust": 0.3, "vendor": "netscape", "version": "8.0" }, { "model": "netscape", "scope": "eq", "trust": 0.3, "vendor": "netscape", "version": "7.2" }, { "model": "netscape", "scope": "eq", "trust": 0.3, "vendor": "netscape", "version": "7.1" }, { "model": "netscape", "scope": "eq", "trust": 0.3, "vendor": "netscape", "version": "7.0" }, { "model": "netscape", "scope": "eq", "trust": 0.3, "vendor": "netscape", "version": "6.2.3" }, { "model": "netscape", "scope": "eq", "trust": 0.3, "vendor": "netscape", "version": "6.2.2" }, { "model": "netscape", "scope": "eq", "trust": 0.3, "vendor": "netscape", "version": "6.2.1" }, { "model": "netscape", "scope": "eq", "trust": 0.3, "vendor": "netscape", "version": "6.2" }, { "model": "netscape", "scope": "eq", "trust": 0.3, "vendor": "netscape", "version": "6.1" }, { "model": "netscape", "scope": "eq", "trust": 0.3, "vendor": "netscape", "version": "6.01" }, { "model": "mac", "scope": "eq", "trust": 0.3, "vendor": "netscape", "version": "6.0" }, { "model": "netscape", "scope": "eq", "trust": 0.3, "vendor": "netscape", "version": "6.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.3" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.9" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.8" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.6" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.5" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.3" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.17" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.16" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.10" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.1" }, { "model": "firefox beta", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.05" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.15" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.14" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.13" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.12" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.11" }, { "model": "firefox rc3", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0" }, { "model": "firefox rc2", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0" }, { "model": "firefox beta", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.01" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0" }, { "model": "midbrowser", "scope": "eq", "trust": 0.3, "vendor": "midbrowser", "version": "0" }, { "model": "internet explorer sp4", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "5.0.1" }, { "model": "internet explorer sp3", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "5.0.1" }, { "model": "internet explorer sp2", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "5.0.1" }, { "model": "internet explorer sp1", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "5.0.1" }, { "model": "internet explorer", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "5.0.1" }, { "model": "internet explorer rc1", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "8" }, { "model": "internet explorer beta", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "82" }, { "model": "internet explorer beta", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "81" }, { "model": "internet explorer", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "8" }, { "model": "internet explorer beta3", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "7.0" }, { "model": "internet explorer beta2", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "7.0" }, { "model": "internet explorer beta1", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "7.0" }, { "model": "internet explorer", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "7.0" }, { "model": "internet explorer sp1", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "6.0" }, { "model": "internet explorer", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "6.0" }, { "model": "internet explorer sp2", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "5.5" }, { "model": "internet explorer sp1", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "5.5" }, { "model": "internet explorer", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "5.5" }, { "model": "internet explorer", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "5.0" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2010.0" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2010.0" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2009.1" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2009.1" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2008.0" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2008.0" }, { "model": "corporate server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "4.0" }, { "model": "corporate server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "4.0" }, { "model": "konqueror embedded", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "0.1" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.95" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.5.9" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.5.7" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.5.6" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.5.5" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.5.2" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.5.1" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.3.2" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.3.1" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.3" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.2.3" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.2.2-6" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.2.1" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.1.5" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.1.4" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.1.3" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.1.2" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.1.1" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.1" }, { "model": "konqueror b", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.0.5" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.0.5" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.0.3" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.0.2" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.0.1" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "3.0" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "2.2.2" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "2.2.1" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "2.1.2" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "2.1.1" }, { "model": "konqueror", "scope": "eq", "trust": 0.3, "vendor": "kde", "version": "4.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "2.0.172.33" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "2.0.172.31" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "2.0.172.30" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "1.0.154.61" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "0.3.1549" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "0.2.149.30" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "0.2.149.29" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "0.2.149.27" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "1.0.154.65" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "1.0.154.64" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "1.0.154.59" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "1.0.154.55" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "1.0.154.53" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "1.0.154.48" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "1.0.154.46" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "1.0.154.36" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux s/390", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux mipsel", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux mips", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux m68k", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux ia-64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux ia-32", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux hppa", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux armel", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux alpha", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.2.1" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.0.2" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.0.1" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "1.1.4" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "1.1.3" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "1.1.2" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "1.1.1" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.2" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.1" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.0" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "1.1" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "0" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.2.1" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.0.2" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.0.1" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "1.1.4" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "1.1.3" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "1.1.2" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "1.1.1" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "1.0.2" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "1.0.1" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.2" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.1" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.0" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "1.1" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "1" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "0" }, { "model": "p8860", "scope": "eq", "trust": 0.3, "vendor": "aigo", "version": "0" }, { "model": "software opera web browser", "scope": "ne", "trust": 0.3, "vendor": "opera", "version": "9.64" }, { "model": "firefox", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "3.0.5" }, { "model": "firefox", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "2.0.19" }, { "model": "chrome", "scope": "ne", "trust": 0.3, "vendor": "google", "version": "2.0.172.37" }, { "model": "ipod touch", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "3.0" }, { "model": "iphone", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "3.0" } ], "sources": [ { "db": "BID", "id": "35446" }, { "db": "JVNDB", "id": "JVNDB-2009-004826" }, { "db": "CNNVD", "id": "CNNVD-200907-288" }, { "db": "NVD", "id": "CVE-2009-2537" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:kde:konqueror", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-004826" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Oskar Lissheim-BoethiusOliver QuasChristian Schmitz", "sources": [ { "db": "CNNVD", "id": "CNNVD-200907-288" } ], "trust": 0.6 }, "cve": "CVE-2009-2537", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CVE-2009-2537", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2009-2537", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2009-2537", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-200907-288", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-004826" }, { "db": "CNNVD", "id": "CNNVD-200907-288" }, { "db": "NVD", "id": "CVE-2009-2537" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "KDE Konqueror allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. KDE Konqueror There is a service disruption ( Memory consumption ) There is a vulnerability that becomes a condition. Browsers from multiple vendors are prone to a denial-of-service vulnerability. \nSuccessfully exploiting this issue may allow attackers to crash an affected application. \nNOTE: This issue was previously covered in BID 35414 (Apple iPhone and iPod touch Prior to Version 3.0 Multiple Vulnerabilities), but has been assigned its own record to better document it. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nFedora update for kdelibs\n\nSECUNIA ADVISORY ID:\nSA36062\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/36062/\n\nDESCRIPTION:\nFedora has issued an update for kdelibs. This fixes some\nvulnerabilities, which can be exploited by malicious people to\ncompromise a user\u0027s system. \n\nFor more information:\nSA35581\nSA35991\n\nSOLUTION:\nApply updated packages via the yum utility (\"yum update kdelibs\"). \n\nORIGINAL ADVISORY:\nFEDORA-2009-8049:\nhttps://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html\n\nFEDORA-2009-8039:\nhttps://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html\n\nOTHER REFERENCES:\nSA35581:\nhttp://secunia.com/advisories/35581/\n\nSA35991:\nhttp://secunia.com/advisories/35991/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n \n This update provides a solution to this vulnerability. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2010:027\n http://www.mandriva.com/security/\n _______________________________________________________________________\n\n Package : kdelibs4\n Date : January 27, 2010\n Affected: 2009.1\n _______________________________________________________________________\n\n Problem Description:\n\n Multiple vulnerabilities was discovered and corrected in kdelibs4:\n \n KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a\n \\\u0027\\0\\\u0027 (NUL) character in a domain name in the Subject Alternative\n Name field of an X.509 certificate, which allows man-in-the-middle\n attackers to spoof arbitrary SSL servers via a crafted certificate\n issued by a legitimate Certification Authority, a related issue to\n CVE-2009-2408 (CVE-2009-2702). \n \n The JavaScript garbage collector in WebKit in Apple Safari before\n 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1\n through 2.2.1 does not properly handle allocation failures, which\n allows remote attackers to execute arbitrary code or cause a denial\n of service (memory corruption and application crash) via a crafted\n HTML document that triggers write access to an offset of a NULL\n pointer. (CVE-2009-1687). \n \n WebKit in Apple Safari before 4.0.2, KHTML in kdelibs in KDE, QtWebKit\n (aka Qt toolkit), and possibly other products does not properly handle\n numeric character references, which allows remote attackers to execute\n arbitrary code or cause a denial of service (memory corruption and\n application crash) via a crafted HTML document (CVE-2009-1725). \n \n Use-after-free vulnerability in WebKit, as used in Apple Safari\n before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1\n through 2.2.1, Google Chrome 1.0.154.53, and possibly other products,\n allows remote attackers to execute arbitrary code or cause a denial\n of service (memory corruption and application crash) by setting an\n unspecified property of an HTML tag that causes child elements to\n be freed and later accessed when an HTML error occurs, related to\n recursion in certain DOM event handlers. (CVE-2009-1690). \n \n WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1,\n and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a\n pointer during handling of a Cascading Style Sheets (CSS) attr function\n call with a large numerical argument, which allows remote attackers to\n execute arbitrary code or cause a denial of service (memory corruption\n and application crash) via a crafted HTML document (CVE-2009-1698). (CVE-2009-0689). \n \n WebKit, as used in Safari before 3.2.3 and 4 Public Beta, on Apple\n Mac OS X 10.4.11 and 10.5 before 10.5.7 and Windows allows remote\n attackers to execute arbitrary code via a crafted SVGList object that\n triggers memory corruption (CVE-2009-0945). \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2702\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1687\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1725\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1690\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1698\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2537\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0945\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2009.1:\n c08161eacba6cdb1b0ba26babe5f8cc5 2009.1/i586/kdelibs4-core-4.2.4-0.8mdv2009.1.i586.rpm\n 933468cf4109252dac5119edd958f73d 2009.1/i586/kdelibs4-devel-4.2.4-0.8mdv2009.1.i586.rpm\n 96703a0ef0baf299647ff27d64cb0680 2009.1/i586/libkde3support4-4.2.4-0.8mdv2009.1.i586.rpm\n e5f60ba41e5919fa77c313b204e1f712 2009.1/i586/libkdecore5-4.2.4-0.8mdv2009.1.i586.rpm\n cf8af6e467cd1585c44e1cce01362526 2009.1/i586/libkdefakes5-4.2.4-0.8mdv2009.1.i586.rpm\n 1c9c04b5f6c0c59d2e5860b077e0c6e3 2009.1/i586/libkdesu5-4.2.4-0.8mdv2009.1.i586.rpm\n 89fe7c33c7e5bcc23595560ae4664bf6 2009.1/i586/libkdeui5-4.2.4-0.8mdv2009.1.i586.rpm\n 30b73ef58ac3a45ff86756ad09d0d555 2009.1/i586/libkdnssd4-4.2.4-0.8mdv2009.1.i586.rpm\n a1f00af00ea7e52d9f187f1fe5ccdfe2 2009.1/i586/libkfile4-4.2.4-0.8mdv2009.1.i586.rpm\n 553486988b945307ee038cb41dcb76e6 2009.1/i586/libkhtml5-4.2.4-0.8mdv2009.1.i586.rpm\n 9d9501ff70e709c5ea32b35aa985688a 2009.1/i586/libkimproxy4-4.2.4-0.8mdv2009.1.i586.rpm\n a2ec3f440eb6cf545abbc63a3d34c1e5 2009.1/i586/libkio5-4.2.4-0.8mdv2009.1.i586.rpm\n 4168e955b60a5a69d8f1e085b30d0424 2009.1/i586/libkjs4-4.2.4-0.8mdv2009.1.i586.rpm\n bfcece9c73348c6415c48ec266877908 2009.1/i586/libkjsapi4-4.2.4-0.8mdv2009.1.i586.rpm\n 228ca7dc2a86fdc868a5937b16a7a08c 2009.1/i586/libkjsembed4-4.2.4-0.8mdv2009.1.i586.rpm\n f6297ae0630eb6207895df9f2f971eb6 2009.1/i586/libkmediaplayer4-4.2.4-0.8mdv2009.1.i586.rpm\n cf6113c17858d5e6e3c0e04622f8a66c 2009.1/i586/libknewstuff2_4-4.2.4-0.8mdv2009.1.i586.rpm\n da55a2f428ad020834f7b91c0023ecf6 2009.1/i586/libknotifyconfig4-4.2.4-0.8mdv2009.1.i586.rpm\n 9fef466138ff78a3d6d3244998a9ba30 2009.1/i586/libkntlm4-4.2.4-0.8mdv2009.1.i586.rpm\n 4f7c0ad254ec1990f5dab1c0b959629d 2009.1/i586/libkparts4-4.2.4-0.8mdv2009.1.i586.rpm\n 8c58d6a9a6ec7fc21f287b2f4c2e9858 2009.1/i586/libkpty4-4.2.4-0.8mdv2009.1.i586.rpm\n 8ed500d050b95560d7eff6db26fa05ee 2009.1/i586/libkrosscore4-4.2.4-0.8mdv2009.1.i586.rpm\n 2d8d12d8a7bbfe18f6b04b9807795077 2009.1/i586/libkrossui4-4.2.4-0.8mdv2009.1.i586.rpm\n 8cc5c226e381b122983440b3440c1476 2009.1/i586/libktexteditor4-4.2.4-0.8mdv2009.1.i586.rpm\n 3c53941130fb8cc6d12b8cdea488f536 2009.1/i586/libkunittest4-4.2.4-0.8mdv2009.1.i586.rpm\n 3996bfcff0b2465c39c6ccdb8367f401 2009.1/i586/libkutils4-4.2.4-0.8mdv2009.1.i586.rpm\n 129a26ab20c792994113b5db00b7f7c4 2009.1/i586/libnepomuk4-4.2.4-0.8mdv2009.1.i586.rpm\n 0b88090e1cba0db59a3fb85c34e6b726 2009.1/i586/libplasma3-4.2.4-0.8mdv2009.1.i586.rpm\n 79b484a6c8e20db156fbe130c81e2001 2009.1/i586/libsolid4-4.2.4-0.8mdv2009.1.i586.rpm\n ddd09e03af15f421b2e38b6f06c0247a 2009.1/i586/libthreadweaver4-4.2.4-0.8mdv2009.1.i586.rpm \n fe70dc01416cc986d1e19c15a0b5cfa7 2009.1/SRPMS/kdelibs4-4.2.4-0.8mdv2009.1.src.rpm\n\n Mandriva Linux 2009.1/X86_64:\n 89f77418ccda86b51c7d32d011e88e9b 2009.1/x86_64/kdelibs4-core-4.2.4-0.8mdv2009.1.x86_64.rpm\n d0b009e595350648b12cca1ee094802e 2009.1/x86_64/kdelibs4-devel-4.2.4-0.8mdv2009.1.x86_64.rpm\n 03db494c356e0b0823ddf697d42c0f50 2009.1/x86_64/lib64kde3support4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 6d98531ba95a096fd49801f7df452776 2009.1/x86_64/lib64kdecore5-4.2.4-0.8mdv2009.1.x86_64.rpm\n bf3845f586eeeaafab5e25442f4d8950 2009.1/x86_64/lib64kdefakes5-4.2.4-0.8mdv2009.1.x86_64.rpm\n b9767fb69262886d60a7844ad6569e27 2009.1/x86_64/lib64kdesu5-4.2.4-0.8mdv2009.1.x86_64.rpm\n d709c9fb8874c432d1b4e415e9c06858 2009.1/x86_64/lib64kdeui5-4.2.4-0.8mdv2009.1.x86_64.rpm\n 6d062780a7629eed7e93ab9e66daf633 2009.1/x86_64/lib64kdnssd4-4.2.4-0.8mdv2009.1.x86_64.rpm\n f39c44bc7572d06921061c0ac5ef78c9 2009.1/x86_64/lib64kfile4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 90f8ecd4967830ebff3b81732162fe33 2009.1/x86_64/lib64khtml5-4.2.4-0.8mdv2009.1.x86_64.rpm\n 005d7de69a0063a8dc396b9dffdf20ed 2009.1/x86_64/lib64kimproxy4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 3924d83bf43990f7a7ba5d2eea29ef5d 2009.1/x86_64/lib64kio5-4.2.4-0.8mdv2009.1.x86_64.rpm\n 9124f0ce5f1643e4310ef0bfc5fda970 2009.1/x86_64/lib64kjs4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 573504d0c305e757b3c163b9132264e4 2009.1/x86_64/lib64kjsapi4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 917e5b175a3a5480e848dee6201e99d9 2009.1/x86_64/lib64kjsembed4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 604cce29c11b2452b2744ff72e248b7c 2009.1/x86_64/lib64kmediaplayer4-4.2.4-0.8mdv2009.1.x86_64.rpm\n bd75d3e4feaa98a3659ae5d113fe45f6 2009.1/x86_64/lib64knewstuff2_4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 0a7d48b91c673f5908ce2d47a77746e2 2009.1/x86_64/lib64knotifyconfig4-4.2.4-0.8mdv2009.1.x86_64.rpm\n a91967cfec8b470cc7520ac17590d41b 2009.1/x86_64/lib64kntlm4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 0159bb033c507f20fb8bd77a7a8be43a 2009.1/x86_64/lib64kparts4-4.2.4-0.8mdv2009.1.x86_64.rpm\n a062d0124cdea9dfcafb82ed2c5dfd54 2009.1/x86_64/lib64kpty4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 8c0950479a23531a03836f7744d6b90d 2009.1/x86_64/lib64krosscore4-4.2.4-0.8mdv2009.1.x86_64.rpm\n ca61efacf989bd4421d2c88abc440e3f 2009.1/x86_64/lib64krossui4-4.2.4-0.8mdv2009.1.x86_64.rpm\n bcd31e87995de0f86ad9c363e87ea0d4 2009.1/x86_64/lib64ktexteditor4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 23a0f2c640a20dd1be2b4475a9102cd6 2009.1/x86_64/lib64kunittest4-4.2.4-0.8mdv2009.1.x86_64.rpm\n e49987a6d8016b6ac39011b6cac0b570 2009.1/x86_64/lib64kutils4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 90d6806fa9dcd2ac1b71fc3b72dd4f81 2009.1/x86_64/lib64nepomuk4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 4808080c578223d0bcb156e78f5d661f 2009.1/x86_64/lib64plasma3-4.2.4-0.8mdv2009.1.x86_64.rpm\n e8cecb137634dfc738617b67a6d34122 2009.1/x86_64/lib64solid4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 35c8778eaaa5465a8f15c27a57d8ed60 2009.1/x86_64/lib64threadweaver4-4.2.4-0.8mdv2009.1.x86_64.rpm \n fe70dc01416cc986d1e19c15a0b5cfa7 2009.1/SRPMS/kdelibs4-4.2.4-0.8mdv2009.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFLX/3wmqjQ0CJFipgRApr4AKC7I0w56Y9GFgmZeeNIeUDGaXgxHQCg6N5C\nYuntVxGlOXktJ3qUQl1SZ1Y=\n=5Avg\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n \n This update upgrades KDE in Mandriva Linux 2008.0 to version 3.5.10,\n which brings many bugfixes, overall improvements and many security\n fixes. \n \n kdegraphics contains security fixes for\n CVE-2009-3603,3604,3605,3606,3608,3609,0146,0147,0165,0166,0799,0800,1179,1180,1181,1182,1183\n \n kdelibs contains security fixes for\n CVE-2009-0689,1687,1690,1698,2702,1725,2537\n \n Packages for 2008.0 are provided for Corporate Desktop 2008.0\n customers", "sources": [ { "db": "NVD", "id": "CVE-2009-2537" }, { "db": "JVNDB", "id": "JVNDB-2009-004826" }, { "db": "BID", "id": "35446" }, { "db": "PACKETSTORM", "id": "79812" }, { "db": "PACKETSTORM", "id": "79819" }, { "db": "PACKETSTORM", "id": "83708" }, { "db": "PACKETSTORM", "id": "85663" }, { "db": "PACKETSTORM", "id": "85674" }, { "db": "PACKETSTORM", "id": "84482" } ], "trust": 2.43 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2009-2537", "trust": 3.1 }, { "db": "SECUNIA", "id": "36062", "trust": 1.7 }, { "db": "SECUNIA", "id": "36057", "trust": 1.7 }, { "db": "EXPLOIT-DB", "id": "9160", "trust": 1.6 }, { "db": "JVNDB", "id": "JVNDB-2009-004826", "trust": 0.8 }, { "db": "BUGTRAQ", "id": "20090715 [GSEC-TZO-44-2009] ONE BUG TO RULE THEM ALL - FIREFOX, IE, SAFARI,OPERA, CHROME,SEAMONKEY,IPHONE,IPOD,WII,PS3....", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20090715 RE: [GSEC-TZO-44-2009] ONE BUG TO RULE THEM ALL - FIREFOX, IE, SAFARI,OPERA, CHROME,SEAMONKEY,IPHONE,IPOD,WII,PS3....", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20090715 RE:[GSEC-TZO-44-2009] ONE BUG TO RULE THEM ALL - FIREFOX, IE, SAFARI,OPERA, CHROME,SEAMONKEY,IPHONE,IPOD,WII,PS3....", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20090716 RE[2]: [GSEC-TZO-44-2009] ONE BUG TO RULE THEM ALL - FIREFOX, IE, SAFARI,OPERA, CHROME,SEAMONKEY,IPHONE,IPOD,WII,PS3....", "trust": 0.6 }, { "db": "FEDORA", "id": "FEDORA-2009-8049", "trust": 0.6 }, { "db": "FEDORA", "id": "FEDORA-2009-8020", "trust": 0.6 }, { "db": "FEDORA", "id": "FEDORA-2009-8039", "trust": 0.6 }, { "db": "FEDORA", "id": "FEDORA-2009-8046", "trust": 0.6 }, { "db": "XF", "id": "52871", "trust": 0.6 }, { "db": "MILW0RM", "id": "9160", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-200907-288", "trust": 0.6 }, { "db": "BID", "id": "35446", "trust": 0.3 }, { "db": "PACKETSTORM", "id": "79812", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "79819", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "83708", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "85663", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "85674", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "84482", "trust": 0.1 } ], "sources": [ { "db": "BID", "id": "35446" }, { "db": "JVNDB", "id": "JVNDB-2009-004826" }, { "db": "PACKETSTORM", "id": "79812" }, { "db": "PACKETSTORM", "id": "79819" }, { "db": "PACKETSTORM", "id": "83708" }, { "db": "PACKETSTORM", "id": "85663" }, { "db": "PACKETSTORM", "id": "85674" }, { "db": "PACKETSTORM", "id": "84482" }, { "db": "CNNVD", "id": "CNNVD-200907-288" }, { "db": "NVD", "id": "CVE-2009-2537" } ] }, "id": "VAR-200906-0599", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.28125 }, "last_update_date": "2024-11-23T19:54:36.403000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "http://www.konqueror.org/" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-004826" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-399", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-004826" }, { "db": "NVD", "id": "CVE-2009-2537" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.9, "url": "http://www.g-sec.lu/one-bug-to-rule-them-all.html" }, { "trust": 1.7, "url": "https://www.redhat.com/archives/fedora-package-announce/2009-july/msg01177.html" }, { "trust": 1.7, "url": "https://www.redhat.com/archives/fedora-package-announce/2009-july/msg01196.html" }, { "trust": 1.7, "url": "https://www.redhat.com/archives/fedora-package-announce/2009-july/msg01200.html" }, { "trust": 1.7, "url": "https://www.redhat.com/archives/fedora-package-announce/2009-july/msg01199.html" }, { "trust": 1.6, "url": "http://secunia.com/advisories/36062" }, { "trust": 1.6, "url": "http://secunia.com/advisories/36057" }, { "trust": 1.2, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2537" }, { "trust": 1.0, "url": "http://www.securityfocus.com/archive/1/504969/100/0/threaded" }, { "trust": 1.0, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52871" }, { "trust": 1.0, "url": "http://www.securityfocus.com/archive/1/504988/100/0/threaded" }, { "trust": 1.0, "url": "http://www.securityfocus.com/archive/1/505006/100/0/threaded" }, { "trust": 1.0, "url": "http://www.securityfocus.com/archive/1/504989/100/0/threaded" }, { "trust": 1.0, "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2009:330" }, { "trust": 1.0, "url": "http://www.exploit-db.com/exploits/9160" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-2537" }, { "trust": 0.6, "url": "http://xforce.iss.net/xforce/xfdb/52871" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/505006/100/0/threaded" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/504989/100/0/threaded" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/504988/100/0/threaded" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/504969/100/0/threaded" }, { "trust": 0.6, "url": "http://www.milw0rm.com/exploits/9160" }, { "trust": 0.4, "url": "http://www.mandriva.com/security/" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2702" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2537" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0689" }, { "trust": 0.4, "url": "http://www.mandriva.com/security/advisories" }, { "trust": 0.4, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0689" }, { "trust": 0.4, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2702" }, { "trust": 0.3, "url": "http://support.apple.com/kb/ht3639" }, { "trust": 0.3, "url": "http://www.apple.com/iphone/" }, { "trust": 0.3, "url": "http://www.apple.com/ipodtouch/" }, { "trust": 0.3, "url": "http://www.mandriva.com/en/security/advisories?name=mdvsa-2009:346" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1687" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1687" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1698" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1690" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1690" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1698" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1725" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1725" }, { "trust": 0.2, "url": "http://secunia.com/advisories/35991/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/35581/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/business_solutions/" }, { "trust": 0.2, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/36062/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/36057/" }, { "trust": 0.1, "url": "http://secunia.com/" }, { "trust": 0.1, "url": "http://lists.grok.org.uk/full-disclosure-charter.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0945" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0945" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0147" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1180" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1179" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1182" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1181" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3605" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0166" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0146" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3603" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0166" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3606" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0800" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0799" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3609" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0165" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0147" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0799" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0165" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1180" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1183" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3608" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1182" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0800" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1181" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3604" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1179" }, { "trust": 0.1, "url": "https://qa.mandriva.com/56485" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0146" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1183" } ], "sources": [ { "db": "BID", "id": "35446" }, { "db": "JVNDB", "id": "JVNDB-2009-004826" }, { "db": "PACKETSTORM", "id": "79812" }, { "db": "PACKETSTORM", "id": "79819" }, { "db": "PACKETSTORM", "id": "83708" }, { "db": "PACKETSTORM", "id": "85663" }, { "db": "PACKETSTORM", "id": "85674" }, { "db": "PACKETSTORM", "id": "84482" }, { "db": "CNNVD", "id": "CNNVD-200907-288" }, { "db": "NVD", "id": "CVE-2009-2537" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "BID", "id": "35446" }, { "db": "JVNDB", "id": "JVNDB-2009-004826" }, { "db": "PACKETSTORM", "id": "79812" }, { "db": "PACKETSTORM", "id": "79819" }, { "db": "PACKETSTORM", "id": "83708" }, { "db": "PACKETSTORM", "id": "85663" }, { "db": "PACKETSTORM", "id": "85674" }, { "db": "PACKETSTORM", "id": "84482" }, { "db": "CNNVD", "id": "CNNVD-200907-288" }, { "db": "NVD", "id": "CVE-2009-2537" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2009-06-17T00:00:00", "db": "BID", "id": "35446" }, { "date": "2012-09-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-004826" }, { "date": "2009-07-30T07:30:46", "db": "PACKETSTORM", "id": "79812" }, { "date": "2009-07-30T07:31:04", "db": "PACKETSTORM", "id": "79819" }, { "date": "2009-12-11T00:53:58", "db": "PACKETSTORM", "id": "83708" }, { "date": "2010-01-27T15:51:58", "db": "PACKETSTORM", "id": "85663" }, { "date": "2010-01-27T18:32:08", "db": "PACKETSTORM", "id": "85674" }, { "date": "2009-12-30T22:10:19", "db": "PACKETSTORM", "id": "84482" }, { "date": "2009-06-17T00:00:00", "db": "CNNVD", "id": "CNNVD-200907-288" }, { "date": "2009-07-20T18:30:01.157000", "db": "NVD", "id": "CVE-2009-2537" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2015-03-19T08:42:00", "db": "BID", "id": "35446" }, { "date": "2012-09-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-004826" }, { "date": "2009-09-04T00:00:00", "db": "CNNVD", "id": "CNNVD-200907-288" }, { "date": "2024-11-21T01:05:06.670000", "db": "NVD", "id": "CVE-2009-2537" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "85663" }, { "db": "PACKETSTORM", "id": "85674" }, { "db": "CNNVD", "id": "CNNVD-200907-288" } ], "trust": 0.8 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "KDE Konqueror Service disruption in (DoS) Vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-004826" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "resource management error", "sources": [ { "db": "CNNVD", "id": "CNNVD-200907-288" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.