CVE-2009-0945

Source
https://nvd.nist.gov/vuln/detail/CVE-2009-0945
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2009-0945.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2009-0945
Related
Withdrawn
2024-06-30T15:59:07.737739Z
Published
2009-05-13T17:30:00Z
Modified
2024-06-04T04:00:19Z
Summary
[none]
Details

Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption.

References

Affected packages

Debian:10 / kde4libs

Package

Name
kde4libs
Purl
pkg:deb/debian/kde4libs?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4:4.3.0-1

Ecosystem specific

{
    "urgency": "medium"
}

Debian:10 / qt4-x11

Package

Name
qt4-x11
Purl
pkg:deb/debian/qt4-x11?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4:4.5.2-1

Ecosystem specific

{
    "urgency": "medium"
}