Lucene search
NilsZDI-09-022HistoryMay 13, 2009 - 12:00 a.m.
Apple Safari Malformed SVGList Parsing Code Execution Vulnerability
2009-05-1300:00:00
Nils
www.zerodayinitiative.com
17
0.068 Low
EPSS
Percentile
93.9%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists during the parsing of malformed SVGLists via the SVGPathList data structure, the following lists are affected: SVGTransformList, SVGStringList, SVGNumberList, SVGPathSegList, SVGPointList, SVGLengthList. When a negative index argument is suppled to the insertItemBefore() method, a memory corruption occurs resulting in the ability to execute arbitrary code.
References
Related
cve
cve
CVE-2009-0945
2009-05-13 17:30:00
nessus
nessus
Fedora 11 : webkitgtk-1.1.8-1.fc11 (2009-6166)
2009-07-13 00:00:00
Google Chrome < 1.0.154.65 WebKit SVGList Object Handling Memory Corruption
2009-05-15 00:00:00
Ubuntu 8.04 LTS : kdegraphics vulnerabilities (USN-823-1)
2013-03-09 00:00:00
openvas
openvas
Fedora Core 11 FEDORA-2009-6166 (webkitgtk)
2009-07-29 00:00:00
Fedora Core 11 FEDORA-2009-6166 (webkitgtk)
2009-07-29 00:00:00
CentOS Update for kdegraphics CESA-2009:1130 centos5 i386
2011-08-09 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: webkitgtk-1.1.8-1.fc11
2009-07-11 17:06:37
[SECURITY] Fedora 11 Update: kdelibs-4.2.4-6.fc11
2009-07-28 18:23:23
[SECURITY] Fedora 10 Update: kdelibs-4.2.4-6.fc10
2009-07-28 18:26:55
veracode
veracode
Remote Code Execution (RCE)
2020-04-10 00:39:14
securityvulns
securityvulns
Apple Mac OS X multiple security vulnerabilities
2009-05-29 00:00:00
About the security content of Security Update 2009-002 / Mac OS X v10.5.7
2009-05-14 00:00:00
nvd
nvd
CVE-2009-0945
2009-05-13 17:30:00
ubuntucve
ubuntucve
CVE-2009-0945
2009-05-13 00:00:00
debiancve
debiancve
CVE-2009-0945
2009-05-13 17:30:00
chrome
chrome
Stable Update: Bug fix
2009-05-07 00:00:00
prion
prion
Memory corruption
2009-05-13 17:30:00
cvelist
cvelist
CVE-2009-0945
2009-05-13 17:00:00
redhat
redhat
(RHSA-2009:1130) Critical: kdegraphics security update
2009-06-25 00:00:00
ubuntu
ubuntu
KDE-Graphics vulnerabilities
2009-08-24 00:00:00
KDE-Libs vulnerabilities
2009-08-24 00:00:00
WebKit vulnerabilities
2009-09-23 00:00:00
debian
debian
[SECURITY] [DSA 1866-1] New kdegraphics packages fix several vulnerabilities
2009-08-19 12:32:52
[SECURITY] [DSA-1988-1] New qt4-x11 packages fix several vulnerabilities
2010-02-02 22:44:05
[SECURITY] [DSA-1988-1] New qt4-x11 packages fix several vulnerabilities
2010-02-02 22:44:05
centos
centos
kdegraphics security update
2009-06-26 14:06:51
osv
osv
kdegraphics - several vulnerabilities
2009-08-19 00:00:00
qt4-x11 - several vulnerabilities
2010-02-02 00:00:00
webkit - several vulnerabilities
2009-12-12 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package kde4libs version 4.2.4-alt3
2009-06-29 00:00:00
Security fix for the ALT Linux 5 package kdegraphics version 3.5.10-alt4
2009-12-24 00:00:00