Professional OVAL Repository
OVAL Definition Details
Id
oval:ru.altx-soft.win:def:33357
Version
7
Class
vulnerability
ALTXid
54654
Language
Russian
Severity
Critical
Title
Memory corruption vulnerability in Apple Safari (CVE-2009-1698)
Description
Apple Safari before 4.0 has a memory corruption vulnerability. The application fails to properly handle a specially crafted HTML document. Successful exploitation allows remote attackers to execute arbitrary code and cause a denial of service.
Family
windows
Product
Apple Safari
Reference
FSTEC: BDU:2015-08519 (https://bdu.fstec.ru/vul/2015-08519)
FSTEC: BDU:2015-08518 (https://bdu.fstec.ru/vul/2015-08518)
FSTEC: BDU:2015-07273 (https://bdu.fstec.ru/vul/2015-07273)
FSTEC: BDU:2015-07268 (https://bdu.fstec.ru/vul/2015-07268)
FSTEC: BDU:2015-04057 (https://bdu.fstec.ru/vul/2015-04057)
FSTEC: BDU:2015-04056 (https://bdu.fstec.ru/vul/2015-04056)
FSTEC: BDU:2015-04055 (https://bdu.fstec.ru/vul/2015-04055)
FSTEC: BDU:2015-04054 (https://bdu.fstec.ru/vul/2015-04054)
FSTEC: BDU:2015-04053 (https://bdu.fstec.ru/vul/2015-04053)
FSTEC: BDU:2015-04052 (https://bdu.fstec.ru/vul/2015-04052)
FSTEC: BDU:2015-04051 (https://bdu.fstec.ru/vul/2015-04051)
FSTEC: BDU:2015-04050 (https://bdu.fstec.ru/vul/2015-04050)
FSTEC: BDU:2015-04049 (https://bdu.fstec.ru/vul/2015-04049)
FSTEC: BDU:2015-04048 (https://bdu.fstec.ru/vul/2015-04048)
FSTEC: BDU:2015-04047 (https://bdu.fstec.ru/vul/2015-04047)
FSTEC: BDU:2015-04046 (https://bdu.fstec.ru/vul/2015-04046)
FSTEC: BDU:2015-04045 (https://bdu.fstec.ru/vul/2015-04045)
FSTEC: BDU:2015-04044 (https://bdu.fstec.ru/vul/2015-04044)
FSTEC: BDU:2015-04043 (https://bdu.fstec.ru/vul/2015-04043)
FSTEC: BDU:2015-04042 (https://bdu.fstec.ru/vul/2015-04042)
FSTEC: BDU:2015-04041 (https://bdu.fstec.ru/vul/2015-04041)
FSTEC: BDU:2015-04040 (https://bdu.fstec.ru/vul/2015-04040)
FSTEC: BDU:2015-04039 (https://bdu.fstec.ru/vul/2015-04039)
FSTEC: BDU:2015-04038 (https://bdu.fstec.ru/vul/2015-04038)
FSTEC: BDU:2015-04037 (https://bdu.fstec.ru/vul/2015-04037)
FSTEC: BDU:2015-04036 (https://bdu.fstec.ru/vul/2015-04036)
FSTEC: BDU:2015-04035 (https://bdu.fstec.ru/vul/2015-04035)
FSTEC: BDU:2015-04034 (https://bdu.fstec.ru/vul/2015-04034)
FSTEC: BDU:2015-02914 (https://bdu.fstec.ru/vul/2015-02914)
FSTEC: BDU:2015-02913 (https://bdu.fstec.ru/vul/2015-02913)
FSTEC: BDU:2015-02912 (https://bdu.fstec.ru/vul/2015-02912)
FSTEC: BDU:2015-02911 (https://bdu.fstec.ru/vul/2015-02911)
FSTEC: BDU:2015-02910 (https://bdu.fstec.ru/vul/2015-02910)
FSTEC: BDU:2015-02909 (https://bdu.fstec.ru/vul/2015-02909)
FSTEC: BDU:2015-02908 (https://bdu.fstec.ru/vul/2015-02908)
FSTEC: BDU:2015-02907 (https://bdu.fstec.ru/vul/2015-02907)
FSTEC: BDU:2015-02905 (https://bdu.fstec.ru/vul/2015-02905)
FSTEC: BDU:2015-02617 (https://bdu.fstec.ru/vul/2015-02617)
FSTEC: BDU:2015-02616 (https://bdu.fstec.ru/vul/2015-02616)
FSTEC: BDU:2015-02615 (https://bdu.fstec.ru/vul/2015-02615)
FSTEC: BDU:2015-02614 (https://bdu.fstec.ru/vul/2015-02614)
FSTEC: BDU:2015-02146 (https://bdu.fstec.ru/vul/2015-02146)
CVE: CVE-2009-1698 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1698)
Comment: WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
CVSSv2 Score:
9.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE:
94 (Improper Control of Generation of Code ('Code Injection'))
References:
http://www.zerodayinitiative.com/advisories/ZDI-09-032/ (MISC)
35260 (BID)
35379 (SECUNIA)
http://support.apple.com/kb/HT3613 (CONFIRM)
ADV-2009-1522 (VUPEN)
APPLE-SA-2009-06-08-1 (APPLE)
1022345 (SECTRACK)
55006 (OSVDB)
35318 (BID)
http://blog.zoller.lu/2009/05/advisory-apple-safari-remote-code.html (MISC)
ADV-2009-1621 (VUPEN)
http://support.apple.com/kb/HT3639 (CONFIRM)
APPLE-SA-2009-06-17-1 (APPLE)
RHSA-2009:1128 (REDHAT)
35588 (SECUNIA)
FEDORA-2009-8020 (FEDORA)
FEDORA-2009-8039 (FEDORA)
FEDORA-2009-8046 (FEDORA)
36057 (SECUNIA)
FEDORA-2009-8049 (FEDORA)
36062 (SECUNIA)
USN-822-1 (UBUNTU)
DSA-1950 (DEBIAN)
37746 (SECUNIA)
MDVSA-2009:330 (MANDRIVA)
USN-857-1 (UBUNTU)
USN-836-1 (UBUNTU)
36790 (SECUNIA)
ADV-2011-0212 (VUPEN)
SUSE-SR:2011:002 (SUSE)
43068 (SECUNIA)
oval:org.mitre.oval:def:9484 (OVAL)
20090614 [TZO-37-2009] Apple Safari
20090608 ZDI-09-032: Apple WebKit attr() Invalid Attribute Memory Corruption Vulnerability (BUGTRAQ)