Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption.
http://code.google.com/p/chromium/issues/detail?id=9019
http://googlechromereleases.blogspot.com/2009/05/stable-update-bug-fix.html
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
http://lists.apple.com/archives/security-announce/2009/May/msg00000.html
http://lists.apple.com/archives/security-announce/2009/May/msg00001.html
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://secunia.com/advisories/35056
http://secunia.com/advisories/35074
http://secunia.com/advisories/35095
http://secunia.com/advisories/35576
http://secunia.com/advisories/35805
http://secunia.com/advisories/36062
http://secunia.com/advisories/36461
http://secunia.com/advisories/36790
http://secunia.com/advisories/37746
http://secunia.com/advisories/43068
http://support.apple.com/kb/HT3549
http://support.apple.com/kb/HT3550
http://support.apple.com/kb/HT3639
http://www.debian.org/security/2009/dsa-1950
http://www.redhat.com/support/errata/RHSA-2009-1130.html
http://www.securityfocus.com/archive/1/503594/100/0/threaded
http://www.securityfocus.com/bid/34924
http://www.securitytracker.com/id?1022207
http://www.ubuntu.com/usn/USN-822-1
http://www.ubuntu.com/usn/USN-836-1
http://www.ubuntu.com/usn/USN-857-1
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
http://www.vupen.com/english/advisories/2009/1297
http://www.vupen.com/english/advisories/2009/1298
http://www.vupen.com/english/advisories/2009/1321
http://www.vupen.com/english/advisories/2009/1621
http://www.vupen.com/english/advisories/2011/0212
http://www.zerodayinitiative.com/advisories/ZDI-09-022
https://exchange.xforce.ibmcloud.com/vulnerabilities/50477
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11584
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00303.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html
AND
OR
cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*
OR
cpe:2.3:a:apple:safari:0.8:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:0.9:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.0.3:85.8:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.3.2:312.5:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.3.2:312.6:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
75629 | openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1) | Nessus | SuSE Local Security Checks | critical |
65118 | Ubuntu 8.04 LTS : kdegraphics vulnerabilities (USN-823-1) | Nessus | Ubuntu Local Security Checks | high |
60604 | Scientific Linux Security Update : kdegraphics on SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | high |
53764 | openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1) | Nessus | SuSE Local Security Checks | critical |
53665 | openSUSE Security Update : kdegraphics3 (openSUSE-SU-2010:1035-1) | Nessus | SuSE Local Security Checks | high |
51113 | SuSE 10 Security Update : kdegraphics (ZYPP Patch Number 7235) | Nessus | SuSE Local Security Checks | high |
48170 | Mandriva Linux Security Advisory : kdelibs4 (MDVSA-2010:027) | Nessus | Mandriva Local Security Checks | high |
44852 | Debian DSA-1988-1 : qt4-x11 - several vulnerabilities | Nessus | Debian Local Security Checks | high |
44815 | Debian DSA-1950-1 : webkit - several vulnerabilities | Nessus | Debian Local Security Checks | high |
44731 | Debian DSA-1866-1 : kdegraphics - several vulnerabilities | Nessus | Debian Local Security Checks | high |
43764 | CentOS 5 : kdegraphics (CESA-2009:1130) | Nessus | CentOS Local Security Checks | high |
42467 | Ubuntu 8.10 / 9.04 : qt4-x11 vulnerabilities (USN-857-1) | Nessus | Ubuntu Local Security Checks | high |
41606 | Ubuntu 8.10 / 9.04 : webkit vulnerabilities (USN-836-1) | Nessus | Ubuntu Local Security Checks | high |
40767 | Ubuntu 8.04 LTS / 8.10 / 9.04 : kde4libs, kdelibs vulnerabilities (USN-822-1) | Nessus | Ubuntu Local Security Checks | high |
40414 | Fedora 10 : kdelibs-4.2.4-6.fc10 (2009-8049) | Nessus | Fedora Local Security Checks | high |
40412 | Fedora 11 : kdelibs-4.2.4-6.fc11 (2009-8039) | Nessus | Fedora Local Security Checks | high |
39771 | Fedora 11 : webkitgtk-1.1.8-1.fc11 (2009-6166) | Nessus | Fedora Local Security Checks | high |
39531 | RHEL 5 : kdegraphics (RHSA-2009:1130) | Nessus | Red Hat Local Security Checks | high |
38791 | Google Chrome < 1.0.154.65 WebKit SVGList Object Handling Memory Corruption | Nessus | Windows | medium |
38745 | Safari < 3.2.3 Multiple Vulnerabilities | Nessus | Windows | high |
38744 | Mac OS X 10.5.x < 10.5.7 Multiple Vulnerabilities | Nessus | MacOS X Local Security Checks | critical |
5026 | Google Chrome < 1.0.154.65 Remote Code Execution | Nessus Network Monitor | Web Clients | medium |
5024 | Safari < 3.2.3 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | high |
5023 | Mac OS X 10.5 < 10.5.7 Multiple Vulnerabilities | Nessus Network Monitor | Generic | critical |
800998 | Safari < 3.2.3 Multiple Vulnerabilities | Log Correlation Engine | Web Clients | high |
800894 | Google Chrome < 1.0.154.65 Remote Code Execution | Log Correlation Engine | Web Clients | high |
800792 | Mac OS X 10.5 < 10.5.7 Multiple Vulnerabilities | Log Correlation Engine | Operating System Detection | high |