What is the severity of CVE-2009-1689?

CVE-2009-1689 has been classified as a medium severity vulnerability due to its potential to allow cross-site scripting attacks.

How do I fix CVE-2009-1689?

To fix CVE-2009-1689, update your Apple Safari browser to version 4.0 or later.

Which versions of Safari are affected by CVE-2009-1689?

CVE-2009-1689 affects Apple Safari versions prior to 4.0, including multiple 3.x and earlier versions.

What type of vulnerability is CVE-2009-1689?

CVE-2009-1689 is a cross-site scripting (XSS) vulnerability.

Can CVE-2009-1689 allow attackers to steal information?

Yes, CVE-2009-1689 can allow remote attackers to inject malicious scripts, potentially leading to information theft.

Vulnerability/
CVE-2009-1689

medium

4.3

CWE

10/6/2009

17/2/2011

CVE-2009-1689: XSS

First published: Wed Jun 10 2009(Updated: )

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving submission of a form to the about:blank URL, leading to security-context replacement.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Apple Mobile Safari	=3.1.2
Apple Mobile Safari	=3.2.1
Apple Mobile Safari	=0.9
Apple Mobile Safari	=1.3.2
Apple Mobile Safari	=1.2
Apple Mobile Safari	=3.0.4
Apple Mobile Safari	=3.0.3
Apple Mobile Safari	=1.3.1
Apple Mobile Safari	=2.0.4
Apple Mobile Safari	=3.0
Apple Mobile Safari	=3.2.3
Apple Mobile Safari	=1.1
Apple Mobile Safari	<=4.0_beta
Apple Mobile Safari	=3.1
Apple Mobile Safari	=2.0
Apple Mobile Safari	=3.0.2
Apple Mobile Safari	=1.0.3
Apple Mobile Safari	=1.0
Apple Mobile Safari	=2.0.2
Apple Mobile Safari	=3.1.1
Apple Mobile Safari	=1.3
Apple Mobile Safari	=0.8
Apple Mobile Safari	=3.2
Apple Mobile Safari	=3.0.3
Apple Mobile Safari	=3.0.1
Apple Mobile Safari	=3.1.2
Apple Mobile Safari	<=3.2.3
Apple Mobile Safari	=3.0.2
Apple Mobile Safari	=3.1
Apple Mobile Safari	=3.1.1
Apple Mobile Safari	=3.0
Apple Mobile Safari	=3.2.2
Apple Mobile Safari	=3.2.1
Apple Mobile Safari	=3.0.4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-1689?
CVE-2009-1689 has been classified as a medium severity vulnerability due to its potential to allow cross-site scripting attacks.
How do I fix CVE-2009-1689?
To fix CVE-2009-1689, update your Apple Safari browser to version 4.0 or later.
Which versions of Safari are affected by CVE-2009-1689?
CVE-2009-1689 affects Apple Safari versions prior to 4.0, including multiple 3.x and earlier versions.
What type of vulnerability is CVE-2009-1689?
CVE-2009-1689 is a cross-site scripting (XSS) vulnerability.
Can CVE-2009-1689 allow attackers to steal information?
Yes, CVE-2009-1689 can allow remote attackers to inject malicious scripts, potentially leading to information theft.

agent/severity
agent/references
agent/weakness
agent/author
agent/type
agent/event
agent/description
agent/remedy
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/apple
canonical/apple mobile safari
version/apple mobile safari/3.1.2
version/apple mobile safari/3.2.1
version/apple mobile safari/0.9
version/apple mobile safari/1.3.2
version/apple mobile safari/1.2
version/apple mobile safari/3.0.4
version/apple mobile safari/3.0.3
version/apple mobile safari/1.3.1
version/apple mobile safari/2.0.4
version/apple mobile safari/3.0
version/apple mobile safari/3.2.3
version/apple mobile safari/1.1
version/apple mobile safari/4.0_beta
version/apple mobile safari/3.1
version/apple mobile safari/2.0
version/apple mobile safari/3.0.2
version/apple mobile safari/1.0.3
version/apple mobile safari/1.0
version/apple mobile safari/2.0.2
version/apple mobile safari/3.1.1
version/apple mobile safari/1.3
version/apple mobile safari/0.8
version/apple mobile safari/3.2
version/apple mobile safari/3.0.1
version/apple mobile safari/3.2.2

CVE-2009-1689: XSS

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-1689?

How do I fix CVE-2009-1689?

Which versions of Safari are affected by CVE-2009-1689?

What type of vulnerability is CVE-2009-1689?

Can CVE-2009-1689 allow attackers to steal information?

Company

Resources

Contact