PT-2009-4174 · Apple · iOS +2

Thierry Zoller · Published 2009-06-19 · Updated 2025-04-23 · CVE-2009-1692

CVSS v2.0: 7.1 (High)
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions: WebKit versions before r41741; Apple iPhone OS versions 1.0 through 2.2.1; Apple iPhone OS for iPod touch versions 1.1 through 2.2.1; Safari (affected versions not specified)
Description: The issue allows remote attackers to cause a denial of service, resulting in memory consumption or device reset, via a web page containing an HTMLSelectElement object with a large length attribute. This is related to the length property of a Select object.
Recommendations: For WebKit versions before r41741, update to a version after r41741 to resolve the issue. For Apple iPhone OS versions 1.0 through 2.2.1, update to a version after 2.2.1. For Apple iPhone OS for iPod touch versions 1.1 through 2.2.1, update to a version after 2.2.1. For Safari, at the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Weakness Enumeration

Related Identifiers

CVE-2009-1692
DSA-1950-1

Affected Products

Safari
WebKit
iOS