PT-2009-6698 · Apple+1 · Safari+1

Published

1970-01-01

·

Updated

2017-08-17

·

CVE-2009-1712

CVSS v2.0

9.3

High

VectorAV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Apple Safari version 4.0 and earlier Debian GNU/Linux (affected versions not specified)
Description The issue allows remote attackers to execute arbitrary code, gain privileges, or obtain sensitive information. Multiple vulnerabilities in various packages of Debian GNU/Linux can lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely.
Recommendations For Apple Safari version 4.0 and earlier, update to version 4.0 or later to resolve the issue. For Debian GNU/Linux, since the affected versions are not specified, it is recommended to check for and apply any available updates to ensure the system is secure. As a temporary workaround, consider restricting access to vulnerable components until a patch is available. Avoid using vulnerable functions or parameters in affected API endpoints until the issue is resolved.

Exploit

Fix

RCE

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-94

Related Identifiers

BDU:2015-02905
BDU:2015-02907
BDU:2015-02908
BDU:2015-02909
BDU:2015-02910
BDU:2015-02911
BDU:2015-02912
BDU:2015-02913
BDU:2015-02914
BDU:2015-04034
BDU:2015-04035
BDU:2015-04036
BDU:2015-04037
BDU:2015-04038
BDU:2015-04039
BDU:2015-04040
BDU:2015-04041
BDU:2015-04042
BDU:2015-04043
BDU:2015-04044
BDU:2015-04045
BDU:2015-04046
BDU:2015-04047
BDU:2015-04048
BDU:2015-04049
BDU:2015-04050
BDU:2015-04051
BDU:2015-04052
BDU:2015-04053
BDU:2015-04054
BDU:2015-04055
BDU:2015-04056
BDU:2015-04057
CVE-2009-1712
DSA-1950-1
DSA-1988-1

Affected Products

Safari
Debian