Vulnerability Name:

CVE-2009-1690 (CCN-51040)

Assigned:2009-06-09
Published:2009-06-09
Updated:2021-05-23
Summary:Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers."
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): 
Access Complexity (AC): 
Authentication (Au): 
Impact Metrics:Confidentiality (C): 
Integrity (I): 
Availibility (A): 
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): 
Access Complexity (AC): 
Athentication (Au): 
Impact Metrics:Confidentiality (C): 
Integrity (I): 
Availibility (A): 
6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): 
Access Complexity (AC): 
Authentication (Au): 
Impact Metrics:Confidentiality (C): 
Integrity (I): 
Availibility (A): 
Vulnerability Type:CWE-399
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2009-1690

Source: CCN
Type: Google Chrome Releases
Stable update: 2 WebKit security fixes

Source: IDEFENSE
Type: UNKNOWN
20090608 Multiple Vendor WebKit Error Handling Use After Free Vulnerability

Source: APPLE
Type: Patch, Vendor Advisory
APPLE-SA-2009-06-08-1

Source: APPLE
Type: Patch, Vendor Advisory
APPLE-SA-2009-06-17-1

Source: SUSE
Type: UNKNOWN
SUSE-SR:2011:002

Source: OSVDB
Type: UNKNOWN
54990

Source: CCN
Type: RHSA-2009-1127
Critical: kdelibs security update

Source: CCN
Type: SA35379
Apple Safari Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
35379

Source: CCN
Type: SA35411
Google Chrome WebKit Use-After-Free and Information Disclosure

Source: SECUNIA
Type: Vendor Advisory
36057

Source: SECUNIA
Type: Vendor Advisory
36062

Source: SECUNIA
Type: Vendor Advisory
36790

Source: SECUNIA
Type: Vendor Advisory
37746

Source: SECUNIA
Type: Vendor Advisory
43068

Source: CCN
Type: SECTRACK ID: 1022345
Apple Safari Bugs Let Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: Patch
1022345

Source: CONFIRM
Type: Patch, Vendor Advisory
http://support.apple.com/kb/HT3613

Source: CONFIRM
Type: Patch, Vendor Advisory
http://support.apple.com/kb/HT3639

Source: CCN
Type: ASA-2009-253
kdelibs security update (RHSA-2009-1127)

Source: DEBIAN
Type: UNKNOWN
DSA-1950

Source: DEBIAN
Type: DSA-1867
kdelibs -- several vulnerabilities

Source: DEBIAN
Type: DSA-1868
kde4libs -- several vulnerabilities

Source: DEBIAN
Type: DSA-1950
webkit -- several vulnerabilities

Source: DEBIAN
Type: DSA-1988
qt4-x11 -- several vulnerabilities

Source: CCN
Type: Google Chrome Web site
Google Chrome

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2009:330

Source: CCN
Type: OSVDB ID: 54990
Apple Safari WebKit DOM Error Event Recursion Handling Memory Corruption

Source: BID
Type: Exploit, Patch
35260

Source: CCN
Type: BID-35260
RETIRED: Apple Safari Prior to 4.0 Multiple Security Vulnerabilities

Source: CCN
Type: USN-822-1
KDE-Libs vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-822-1

Source: CCN
Type: USN-836-1
WebKit vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-836-1

Source: CCN
Type: USN-857-1
Qt vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-857-1

Source: VUPEN
Type: Patch, Vendor Advisory
ADV-2009-1522

Source: VUPEN
Type: Vendor Advisory
ADV-2009-1621

Source: VUPEN
Type: Vendor Advisory
ADV-2011-0212

Source: XF
Type: UNKNOWN
googlechrome-webkit-code-execution(51040)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11009

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-8039

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-8049

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-8046

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-8020

Source: SUSE
Type: SUSE-SR:2011:002
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apple:safari:3.1.1:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.1:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.1.2:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:1.3.2:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:2.0:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:0.9:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0.3:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:0.8:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:1.0:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:2.0.2:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:2.0.4:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:1.1:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:1.3.1:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.2.3:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0.4:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:1.2:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:*:*:mac:*:*:*:*:* (Version <= 4.0_beta)
  • OR cpe:/a:apple:safari:3.2.1:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0.2:-:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:1.0.3:*:mac:*:*:*:*:*
  • OR cpe:/a:apple:safari:1.3:*:mac:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:apple:safari:3.0.3:*:windows:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0.4:*:windows:*:*:*:*:*
  • OR cpe:/a:apple:safari:*:*:windows:*:*:*:*:* (Version <= 3.2.3)
  • OR cpe:/a:apple:safari:3.1:*:windows:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.1.1:*:windows:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0.2:*:windows:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0:*:windows:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0.1:*:windows:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.2.1:*:windows:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.2.2:*:windows:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.1.2:*:windows:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.2:-:windows:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.3:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.5:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.1:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.0:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0.0:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0.1:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.2:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.1:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0.0:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.4:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0.2:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.2:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0.2:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.3:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.1:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.2:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.5:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0.1:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.4:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.2.1:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.2.1:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.0:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.0.1:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.2:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.0.2:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/a:google:chrome:1.0.154.53:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:google:chrome:1.0.154.36:*:*:*:*:*:*:*
  • OR cpe:/a:google:chrome:1.0.154.55:*:*:*:*:*:*:*
  • OR cpe:/a:google:chrome:1.0.154.53:*:*:*:*:*:*:*
  • OR cpe:/a:google:chrome:1.0.154.46:*:*:*:*:*:*:*
  • OR cpe:/a:google:chrome:1.0.154.59:*:*:*:*:*:*:*
  • OR cpe:/a:google:chrome:1.0.154.48:*:*:*:*:*:*:*
  • OR cpe:/a:google:chrome:1.0.154.64:*:*:*:*:*:*:*
  • OR cpe:/a:google:chrome:1.0.154.65:*:*:*:*:*:*:*
  • OR cpe:/a:google:chrome:1.0.154.61:*:*:*:*:*:*:*
  • OR cpe:/a:google:chrome:2.0.172.30:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:8.04:*:lts:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Vulnerability Name:

    CVE-2009-1690 (CCN-51240)

    Assigned:2009-06-10
    Published:2009-06-10
    Updated:2019-09-26
    Summary:Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers."
    CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
    Exploitability Metrics:Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
    Scope:Scope (S): Unchanged
    Impact Metrics:Confidentiality (C): Low
    Integrity (I): Low
    Availibility (A): Low
    CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
    6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
    Exploitability Metrics:Access Vector (AV): 
    Access Complexity (AC): 
    Authentication (Au): 
    Impact Metrics:Confidentiality (C): 
    Integrity (I): 
    Availibility (A): 
    7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
    5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
    Exploitability Metrics:Access Vector (AV): 
    Access Complexity (AC): 
    Athentication (Au): 
    Impact Metrics:Confidentiality (C): 
    Integrity (I): 
    Availibility (A): 
    6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
    5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
    Exploitability Metrics:Access Vector (AV): 
    Access Complexity (AC): 
    Authentication (Au): 
    Impact Metrics:Confidentiality (C): 
    Integrity (I): 
    Availibility (A): 
    Vulnerability Type:CWE-399
    Vulnerability Consequences:Gain Access
    References:Source: MITRE
    Type: CNA
    CVE-2009-1690

    Source: CCN
    Type: KDE Web site
    KDE

    Source: IDEFENSE
    Type: UNKNOWN
    20090608 Multiple Vendor WebKit Error Handling Use After Free Vulnerability

    Source: APPLE
    Type: Patch, Vendor Advisory
    APPLE-SA-2009-06-08-1

    Source: APPLE
    Type: Patch, Vendor Advisory
    APPLE-SA-2009-06-17-1

    Source: SUSE
    Type: UNKNOWN
    SUSE-SR:2011:002

    Source: OSVDB
    Type: UNKNOWN
    54990

    Source: CCN
    Type: RHSA-2009-1127
    Critical: kdelibs security update

    Source: CCN
    Type: SA35379
    Apple Safari Multiple Vulnerabilities

    Source: SECUNIA
    Type: Vendor Advisory
    35379

    Source: CCN
    Type: SA35581
    KDE Multiple Vulnerabilities

    Source: SECUNIA
    Type: Vendor Advisory
    36057

    Source: SECUNIA
    Type: Vendor Advisory
    36062

    Source: SECUNIA
    Type: Vendor Advisory
    36790

    Source: SECUNIA
    Type: Vendor Advisory
    37746

    Source: SECUNIA
    Type: Vendor Advisory
    43068

    Source: CCN
    Type: SECTRACK ID: 1022345
    Apple Safari Bugs Let Remote Users Execute Arbitrary Code

    Source: SECTRACK
    Type: Patch
    1022345

    Source: CCN
    Type: Apple Web site
    About the security content of Safari 4.0

    Source: CONFIRM
    Type: Patch, Vendor Advisory
    http://support.apple.com/kb/HT3613

    Source: CONFIRM
    Type: Patch, Vendor Advisory
    http://support.apple.com/kb/HT3639

    Source: CCN
    Type: ASA-2009-253
    kdelibs security update (RHSA-2009-1127)

    Source: DEBIAN
    Type: UNKNOWN
    DSA-1950

    Source: DEBIAN
    Type: DSA-1867
    kdelibs -- several vulnerabilities

    Source: DEBIAN
    Type: DSA-1868
    kde4libs -- several vulnerabilities

    Source: DEBIAN
    Type: DSA-1950
    webkit -- several vulnerabilities

    Source: DEBIAN
    Type: DSA-1988
    qt4-x11 -- several vulnerabilities

    Source: MANDRIVA
    Type: UNKNOWN
    MDVSA-2009:330

    Source: CCN
    Type: OSVDB ID: 54990
    Apple Safari WebKit DOM Error Event Recursion Handling Memory Corruption

    Source: BID
    Type: Exploit, Patch
    35260

    Source: CCN
    Type: BID-35260
    RETIRED: Apple Safari Prior to 4.0 Multiple Security Vulnerabilities

    Source: CCN
    Type: BID-35271
    WebKit DOM Event Handler Remote Memory Corruption Vulnerability

    Source: CCN
    Type: USN-822-1
    KDE-Libs vulnerabilities

    Source: UBUNTU
    Type: UNKNOWN
    USN-822-1

    Source: CCN
    Type: USN-836-1
    WebKit vulnerabilities

    Source: UBUNTU
    Type: UNKNOWN
    USN-836-1

    Source: CCN
    Type: USN-857-1
    Qt vulnerabilities

    Source: UBUNTU
    Type: UNKNOWN
    USN-857-1

    Source: VUPEN
    Type: Patch, Vendor Advisory
    ADV-2009-1522

    Source: VUPEN
    Type: Vendor Advisory
    ADV-2009-1621

    Source: VUPEN
    Type: Vendor Advisory
    ADV-2011-0212

    Source: XF
    Type: UNKNOWN
    safari-dom-code-execution(51240)

    Source: CCN
    Type: iDefense PUBLIC ADVISORY: 06.08.09
    Multiple Vendor WebKit Error Handling Use After Free Vulnerability

    Source: OVAL
    Type: UNKNOWN
    oval:org.mitre.oval:def:11009

    Source: FEDORA
    Type: UNKNOWN
    FEDORA-2009-8039

    Source: FEDORA
    Type: UNKNOWN
    FEDORA-2009-8049

    Source: FEDORA
    Type: UNKNOWN
    FEDORA-2009-8046

    Source: FEDORA
    Type: UNKNOWN
    FEDORA-2009-8020

    Source: SUSE
    Type: SUSE-SR:2011:002
    SUSE Security Summary Report

    Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*
    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*
    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*
    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20091690
    V
    		CVE-2009-1690
    2015-11-16
    oval:org.mitre.oval:def:29301
    P
    		RHSA-2009:1127 -- kdelibs security update (Critical)
    2015-08-17
    oval:org.mitre.oval:def:13946
    P
    		USN-857-1 -- qt4-x11 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:13862
    P
    		USN-822-1 -- kde4libs, kdelibs vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:13113
    P
    		USN-836-1 -- webkit vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:7524
    P
    		DSA-1868 kde4libs -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:13176
    P
    		DSA-1868-1 kde4libs -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:18395
    P
    		DSA-1950-1 webkit - several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:8086
    P
    		DSA-1867 kdelibs -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:13290
    P
    		DSA-1867-1 kdelibs -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:6923
    P
    		DSA-1988 qt4-x11 -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:19394
    P
    		DSA-1988-1 qt4-x11 - several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:7247
    P
    		DSA-1950 webkit -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:22057
    P
    		ELSA-2009:1127: kdelibs security update (Critical)
    2014-05-26
    oval:org.mitre.oval:def:11009
    V
    		Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers."
    2013-04-29
    oval:org.debian:def:1988
    V
    		several vulnerabilities
    2010-02-02
    oval:org.debian:def:1950
    V
    		several vulnerabilities
    2009-12-12
    oval:org.debian:def:1867
    V
    		several vulnerabilities
    2009-08-19
    oval:org.debian:def:1868
    V
    		several vulnerabilities
    2009-08-19
    oval:com.redhat.rhsa:def:20091127
    P
    		RHSA-2009:1127: kdelibs security update (Critical)
    2009-06-25
    BACK
    apple safari 3.1.1
    apple safari 3.1
    apple safari 3.1.2
    apple safari 1.3.2
    apple safari 2.0
    apple safari 0.9
    apple safari 3.0.3
    apple safari 0.8
    apple safari 1.0
    apple safari 2.0.2
    apple safari 2.0.4
    apple safari 3.0
    apple safari 1.1
    apple safari 1.3.1
    apple safari 3.2.3
    apple safari 3.0.4
    apple safari 1.2
    apple safari *
    apple safari 3.2.1
    apple safari 3.0.2 -
    apple safari 1.0.3
    apple safari 1.3
    apple safari 3.0.3
    apple safari 3.0.4
    apple safari *
    apple safari 3.1
    apple safari 3.1.1
    apple safari 3.0.2
    apple safari 3.0
    apple safari 3.0.1
    apple safari 3.2.1
    apple safari 3.2.2
    apple safari 3.1.2
    apple safari 3.2 -
    apple iphone os 1.1.1
    apple iphone os 1.1.3 -
    apple iphone os 1.1.5 -
    apple iphone os 1.0
    apple iphone os 1.1.1 -
    apple iphone os 1.1.0 -
    apple iphone os 2.0.0 -
    apple iphone os 2.0.1 -
    apple iphone os 2.2 -
    apple iphone os 2.1 -
    apple iphone os 2.0.0 -
    apple iphone os 1.1.4 -
    apple iphone os 2.0.2 -
    apple iphone os 1.0.2
    apple iphone os 1.1.2 -
    apple iphone os 2.0.2 -
    apple iphone os 2.0.0
    apple iphone os 1.1.3 -
    apple iphone os 2.1 -
    apple iphone os 1.1.2
    apple iphone os 1.1.2 -
    apple iphone os 1.1.3
    apple iphone os 1.1.5 -
    apple iphone os 1.1.0
    apple iphone os 2.0.1 -
    apple iphone os 1.1.4 -
    apple iphone os 1.0.1
    apple iphone os 2.2.1 -
    apple iphone os 2.1
    apple iphone os 1.1.5
    apple iphone os 2.2.1 -
    apple iphone os 1.1.4
    apple iphone os 1.0.0
    apple iphone os 1.0.0
    apple iphone os 1.1.0 -
    apple iphone os 2.0
    apple iphone os 1.0.1 -
    apple iphone os 2.2 -
    apple iphone os 1.1
    apple iphone os 1.0.2 -
    apple iphone os 2.0.2
    apple iphone os 2.0.1
    google chrome 1.0.154.53
    google chrome 1.0.154.36
    google chrome 1.0.154.55
    google chrome 1.0.154.53
    google chrome 1.0.154.46
    google chrome 1.0.154.59
    google chrome 1.0.154.48
    google chrome 1.0.154.64
    google chrome 1.0.154.65
    google chrome 1.0.154.61
    google chrome 2.0.172.30
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    redhat enterprise linux 5
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2008.0
    debian debian linux 4.0
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2008.0
    canonical ubuntu 8.04
    debian debian linux 5.0