CVE-2009-1698
Publication date 10 June 2009
Last updated 24 July 2024
Ubuntu priority
Description
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
Status
| Package | Ubuntu Release | Status | 
|---|---|---|
| kde4libs | | |
| kdelibs | | |
| qt4-x11 | | |
| webkit | | |
Notes
jdstrand
webkit is a fork of khtml from kdelibs. kdelibs5 is farther from it, while qt4-x11 attempts to unify khtml and webkit
mdeslaur
reproducer: http://trac.webkit.org/browser/trunk/LayoutTests/fast/css/attr-parsing.html?rev=42081&format=txt
expected results: http://trac.webkit.org/browser/trunk/LayoutTests/fast/css/attr-parsing-expected.txt?rev=42081&format=txt
Patch details
| Package | Patch details | 
|---|---|
| kde4libs | |
| kdelibs | |
| webkit | |