CVE-2009-0945: Code Injection
First published: Wed May 13 2009(Updated: )
Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iOS and macOS | =10.4.11 | |
| Apple iOS and macOS | =10.5.0 | |
| Apple iOS and macOS | =10.5.1 | |
| Apple iOS and macOS | =10.5.2 | |
| Apple iOS and macOS | =10.5.3 | |
| Apple iOS and macOS | =10.5.4 | |
| Apple iOS and macOS | =10.5.5 | |
| Apple iOS and macOS | =10.5.6 | |
| Apple macOS Server | =10.4.11 | |
| Apple macOS Server | =10.5.0 | |
| Apple macOS Server | =10.5.1 | |
| Apple macOS Server | =10.5.2 | |
| Apple macOS Server | =10.5.3 | |
| Apple macOS Server | =10.5.4 | |
| Apple macOS Server | =10.5.6 | |
| Microsoft Windows Vista | ||
| Microsoft Windows XP | ||
| Apple Mobile Safari | <=3.2.2 | |
| Apple Mobile Safari | =0.8 | |
| Apple Mobile Safari | =0.9 | |
| Apple Mobile Safari | =1.0 | |
| Apple Mobile Safari | =1.0-beta | |
| Apple Mobile Safari | =1.0-beta2 | |
| Apple Mobile Safari | =1.0.0 | |
| Apple Mobile Safari | =1.0.0b1 | |
| Apple Mobile Safari | =1.0.0b2 | |
| Apple Mobile Safari | =1.0.1 | |
| Apple Mobile Safari | =1.0.2 | |
| Apple Mobile Safari | =1.0.3 | |
| Apple Mobile Safari | =1.0.3-85.8 | |
| Apple Mobile Safari | =1.0.3-85.8.1 | |
| Apple Mobile Safari | =1.1 | |
| Apple Mobile Safari | =1.1.0 | |
| Apple Mobile Safari | =1.1.1 | |
| Apple Mobile Safari | =1.2 | |
| Apple Mobile Safari | =1.2.0 | |
| Apple Mobile Safari | =1.2.1 | |
| Apple Mobile Safari | =1.2.2 | |
| Apple Mobile Safari | =1.2.3 | |
| Apple Mobile Safari | =1.2.4 | |
| Apple Mobile Safari | =1.2.5 | |
| Apple Mobile Safari | =1.3 | |
| Apple Mobile Safari | =1.3.0 | |
| Apple Mobile Safari | =1.3.1 | |
| Apple Mobile Safari | =1.3.2 | |
| Apple Mobile Safari | =1.3.2-312.5 | |
| Apple Mobile Safari | =1.3.2-312.6 | |
| Apple Mobile Safari | =2 | |
| Apple Mobile Safari | =2.0 | |
| Apple Mobile Safari | =2.0.0 | |
| Apple Mobile Safari | =2.0.1 | |
| Apple Mobile Safari | =2.0.2 | |
| Apple Mobile Safari | =2.0.3 | |
| Apple Mobile Safari | =2.0.3-417.8 | |
| Apple Mobile Safari | =2.0.3-417.9 | |
| Apple Mobile Safari | =2.0.3-417.9.2 | |
| Apple Mobile Safari | =2.0.4 | |
| Apple Mobile Safari | =3 | |
| Apple Mobile Safari | =3.0 | |
| Apple Mobile Safari | =3.0.0 | |
| Apple Mobile Safari | =3.0.1 | |
| Apple Mobile Safari | =3.0.2 | |
| Apple Mobile Safari | =3.0.3 | |
| Apple Mobile Safari | =3.0.4 | |
| Apple Mobile Safari | =3.1 | |
| Apple Mobile Safari | =3.1.0 | |
| Apple Mobile Safari | =3.1.1 | |
| Apple Mobile Safari | =3.1.2 | |
| Apple Mobile Safari | =3.2 | |
| Apple Mobile Safari | =3.2.0 | |
| Apple Mobile Safari | =3.2.1 | |
| Apple Mobile Safari | =4.0-beta |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
- http://lists.apple.com/archives/security-announce/2009/May/msg00001.html
- http://support.apple.com/kb/HT3549
- http://lists.apple.com/archives/security-announce/2009/May/msg00000.html
- http://support.apple.com/kb/HT3550
- http://www.securitytracker.com/id?1022207
- http://secunia.com/advisories/35056
- http://www.vupen.com/english/advisories/2009/1298
- http://www.vupen.com/english/advisories/2009/1297
- http://www.us-cert.gov/cas/techalerts/TA09-133A.html
- http://secunia.com/advisories/35074
- http://googlechromereleases.blogspot.com/2009/05/stable-update-bug-fix.html
- http://www.vupen.com/english/advisories/2009/1321
- http://code.google.com/p/chromium/issues/detail?id=9019
- http://secunia.com/advisories/35095
- http://www.zerodayinitiative.com/advisories/ZDI-09-022
- http://www.vupen.com/english/advisories/2009/1621
- http://support.apple.com/kb/HT3639
- http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
- http://www.securityfocus.com/bid/34924
- http://www.redhat.com/support/errata/RHSA-2009-1130.html
- http://secunia.com/advisories/35576
- https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00303.html
- http://secunia.com/advisories/35805
- https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html
- https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html
- http://secunia.com/advisories/36062
- http://secunia.com/advisories/36461
- http://www.ubuntu.com/usn/USN-822-1
- http://secunia.com/advisories/37746
- http://www.debian.org/security/2009/dsa-1950
- http://www.ubuntu.com/usn/USN-857-1
- http://www.ubuntu.com/usn/USN-836-1
- http://secunia.com/advisories/36790
- http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
- http://secunia.com/advisories/43068
- http://www.vupen.com/english/advisories/2011/0212
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50477
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11584
- https://usn.ubuntu.com/823-1/
- http://www.securityfocus.com/archive/1/503594/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2009-0945?
CVE-2009-0945 has a severity rating that indicates a potential for remote code execution vulnerabilities.
How do I fix CVE-2009-0945?
To fix CVE-2009-0945, users should update to the latest version of Safari or other affected software that addresses this vulnerability.
Which software versions are affected by CVE-2009-0945?
CVE-2009-0945 affects Apple Safari versions prior to 3.2.3 and several older versions of Mac OS X and iPhone OS.
Can CVE-2009-0945 be exploited remotely?
Yes, CVE-2009-0945 can be exploited remotely, allowing attackers to execute arbitrary code on the affected systems.
Is CVE-2009-0945 specific to Apple products?
While CVE-2009-0945 primarily affects Apple products, it may also impact Google Chrome Stable versions before 1.0.154.65.
- collector/nvd-historical
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/weakness
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/last-modified-date
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/apple
- canonical/apple ios and macos
- version/apple ios and macos/10.4.11
- version/apple ios and macos/10.5.0
- version/apple ios and macos/10.5.1
- version/apple ios and macos/10.5.2
- version/apple ios and macos/10.5.3
- version/apple ios and macos/10.5.4
- version/apple ios and macos/10.5.5
- version/apple ios and macos/10.5.6
- canonical/apple macos server
- version/apple macos server/10.4.11
- version/apple macos server/10.5.0
- version/apple macos server/10.5.1
- version/apple macos server/10.5.2
- version/apple macos server/10.5.3
- version/apple macos server/10.5.4
- version/apple macos server/10.5.6
- vendor/microsoft
- canonical/microsoft windows vista
- canonical/microsoft windows xp
- canonical/apple mobile safari
- version/apple mobile safari/3.2.2
- version/apple mobile safari/0.8
- version/apple mobile safari/0.9
- version/apple mobile safari/1.0
- version/apple mobile safari/1.0-beta
- version/apple mobile safari/1.0-beta2
- version/apple mobile safari/1.0.0
- version/apple mobile safari/1.0.0b1
- version/apple mobile safari/1.0.0b2
- version/apple mobile safari/1.0.1
- version/apple mobile safari/1.0.2
- version/apple mobile safari/1.0.3
- version/apple mobile safari/1.0.3-85.8
- version/apple mobile safari/1.0.3-85.8.1
- version/apple mobile safari/1.1
- version/apple mobile safari/1.1.0
- version/apple mobile safari/1.1.1
- version/apple mobile safari/1.2
- version/apple mobile safari/1.2.0
- version/apple mobile safari/1.2.1
- version/apple mobile safari/1.2.2
- version/apple mobile safari/1.2.3
- version/apple mobile safari/1.2.4
- version/apple mobile safari/1.2.5
- version/apple mobile safari/1.3
- version/apple mobile safari/1.3.0
- version/apple mobile safari/1.3.1
- version/apple mobile safari/1.3.2
- version/apple mobile safari/1.3.2-312.5
- version/apple mobile safari/1.3.2-312.6
- version/apple mobile safari/2
- version/apple mobile safari/2.0
- version/apple mobile safari/2.0.0
- version/apple mobile safari/2.0.1
- version/apple mobile safari/2.0.2
- version/apple mobile safari/2.0.3
- version/apple mobile safari/2.0.3-417.8
- version/apple mobile safari/2.0.3-417.9
- version/apple mobile safari/2.0.3-417.9.2
- version/apple mobile safari/2.0.4
- version/apple mobile safari/3
- version/apple mobile safari/3.0
- version/apple mobile safari/3.0.0
- version/apple mobile safari/3.0.1
- version/apple mobile safari/3.0.2
- version/apple mobile safari/3.0.3
- version/apple mobile safari/3.0.4
- version/apple mobile safari/3.1
- version/apple mobile safari/3.1.0
- version/apple mobile safari/3.1.1
- version/apple mobile safari/3.1.2
- version/apple mobile safari/3.2
- version/apple mobile safari/3.2.0
- version/apple mobile safari/3.2.1
- version/apple mobile safari/4.0-beta