PT-2009-6678 · Qt+3 · Libqt4-Sql-Mysql+35

Thierry Zoller · Published 1970-01-01 · Updated 2022-08-09 · CVE-2009-1698

CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Apple Safari versions prior to 4.0
iPhone OS versions 1.0 through 2.2.1
iPhone OS for iPod touch versions 1.1 through 2.2.1
kdelibs-3.1.3
libqt4-sql-sqlite2 (affected versions not specified)
libqt4-script (affected versions not specified)
libqt4-assistant (affected versions not specified)
libqt4-dbus (affected versions not specified)
kdelibs5 (affected versions not specified)
libqt4-sql-sqlite (affected versions not specified)
libqt4-sql-ibase (affected versions not specified)
libqt4-network (affected versions not specified)
libqt4-opengl-dev (affected versions not specified)
libqt4-sql-psql (affected versions not specified)
libqt4-xmlpatterns (affected versions not specified)
libqt4-sql (affected versions not specified)
libqt4-gui (affected versions not specified)
qt4-designer (affected versions not specified)
libqt4-sql-mysql (affected versions not specified)
kdelibs-bin (affected versions not specified)
libqt4-xmlpatterns-dbg (affected versions not specified)
libqt4-dev (affected versions not specified)
libqt4-core (affected versions not specified)
kdelibs5-data (affected versions not specified)
qt4-demos (affected versions not specified)
qt4-dev-tools (affected versions not specified)
qt4-doc (affected versions not specified)
libqt4-dbg (affected versions not specified)
kdelibs-devel-3.1.3
libqt4-xml (affected versions not specified)
libqt4-test (affected versions not specified)
libqt4-sql-odbc (affected versions not specified)
libqt4-qt3support (affected versions not specified)
libqt4-webkit-dbg (affected versions not specified)
libqt4-svg (affected versions not specified)
kdelibs5-dbg (affected versions not specified)
qt4-doc-html (affected versions not specified)

Description

The issue allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. It may lead to a violation of confidentiality, integrity, and availability of protected information. The issue can be exploited remotely.

Recommendations

For Apple Safari versions prior to 4.0, update to version 4.0 or later.
For iPhone OS versions 1.0 through 2.2.1, update to a version later than 2.2.1.
For iPhone OS for iPod touch versions 1.1 through 2.2.1, update to a version later than 2.2.1.
For kdelibs-3.1.3, kdelibs-devel-3.1.3, and other affected packages, update to a version that is not vulnerable.
At the moment, there is no information about a newer version that contains a fix for this vulnerability for the rest of the affected software.

Exploit · Fix · RCE · DoS · Code Injection

Weakness Enumeration

Related Identifiers

BDU:2015-02146
BDU:2015-02614
BDU:2015-02615
BDU:2015-02616
BDU:2015-02617
BDU:2015-02905
BDU:2015-02907
BDU:2015-02908
BDU:2015-02909
BDU:2015-02910
BDU:2015-02911
BDU:2015-02912
BDU:2015-02913
BDU:2015-02914
BDU:2015-04034
BDU:2015-04035
BDU:2015-04036
BDU:2015-04037
BDU:2015-04038
BDU:2015-04039
BDU:2015-04040
BDU:2015-04041
BDU:2015-04042
BDU:2015-04043
BDU:2015-04044
BDU:2015-04045
BDU:2015-04046
BDU:2015-04047
BDU:2015-04048
BDU:2015-04049
BDU:2015-04050
BDU:2015-04051
BDU:2015-04052
BDU:2015-04053
BDU:2015-04054
BDU:2015-04055
BDU:2015-04056
BDU:2015-04057
BDU:2015-07268
BDU:2015-07273
BDU:2015-08518
BDU:2015-08519
CVE-2009-1698
DSA-1867-1
DSA-1868-1
DSA-1950-1
DSA-1988-1
RHSA-2009:1127
RHSA-2009:1128
RHSA-2009_1127

Affected Products

Red Hat
Safari
iOS
Kdelibs
Kdelibs-Bin
Kdelibs5
Kdelibs5-Data
Kdelibs5-Dbg
Libqt4-Assistant
Libqt4-Core
Libqt4-Dbg
Libqt4-Dbus
Libqt4-Dev
Libqt4-Gui
Libqt4-Network
Libqt4-Opengl-Dev
Libqt4-Qt3Support
Libqt4-Script
Libqt4-Sql
Libqt4-Sql-Ibase
Libqt4-Sql-Mysql
Libqt4-Sql-Odbc
Libqt4-Sql-Psql
Libqt4-Sql-Sqlite
Libqt4-Sql-Sqlite2
Libqt4-Svg
Libqt4-Test
Libqt4-Webkit-Dbg
Libqt4-Xml
Libqt4-Xmlpatterns
Libqt4-Xmlpatterns-Dbg
Qt4-Demos
Qt4-Designer
Qt4-Dev-Tools
Qt4-Doc
Qt4-Doc-Html