NVD Vulnerability Detail

CVE-2009-1690

Summary	Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers."
Summary	Una vulnerabilidad de uso de memoria previamente liberada en WebKit, como es usado en Safari de Apple anterior a versión 4.0, iPhone OS versiones 1.0 hasta 2.2.1, iPhone OS para iPod touch versiones 1.1 hasta 2.2.1, Chrome de Google versión 1.0.154.53, y posiblemente otros productos, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y bloqueo de aplicación) mediante el establecimiento de una propiedad no especificada de una etiqueta HTML que causa que los elementos secundarios se liberen y más adelante se tenga acceso cuando se produce un error HTML, relacionado con "recursion in certain DOM event handlers".
Publication Date	June 10, 2009, 11:30 p.m.
Registration Date	Jan. 29, 2021, 1:18 p.m.
Last Update	April 23, 2026, 9:35 a.m.

CVSS2.0 : HIGH
Score	9.3
Vector	AV:N/AC:M/Au:N/C:C/I:C/A:C
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	不要
機密性への影響(C)	高
完全性への影響(I)	高
可用性への影響(A)	高
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	はい

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:apple:safari:::mac:::::*		4.0_beta
cpe:2.3:a:apple:safari:0.8::mac:::::
cpe:2.3:a:apple:safari:0.9::mac:::::
cpe:2.3:a:apple:safari:1.0::mac:::::
cpe:2.3:a:apple:safari:1.0.3::mac:::::
cpe:2.3:a:apple:safari:1.1::mac:::::
cpe:2.3:a:apple:safari:1.2::mac:::::
cpe:2.3:a:apple:safari:1.3::mac:::::
cpe:2.3:a:apple:safari:1.3.1::mac:::::
cpe:2.3:a:apple:safari:1.3.2::mac:::::
cpe:2.3:a:apple:safari:2.0::mac:::::
cpe:2.3:a:apple:safari:2.0.2::mac:::::
cpe:2.3:a:apple:safari:2.0.4::mac:::::
cpe:2.3:a:apple:safari:3.0::mac:::::
cpe:2.3:a:apple:safari:3.0.2:-:mac:::::*
cpe:2.3:a:apple:safari:3.0.3::mac:::::
cpe:2.3:a:apple:safari:3.0.4::mac:::::
cpe:2.3:a:apple:safari:3.1::mac:::::
cpe:2.3:a:apple:safari:3.1.1::mac:::::
cpe:2.3:a:apple:safari:3.1.2::mac:::::
cpe:2.3:a:apple:safari:3.2.1::mac:::::
cpe:2.3:a:apple:safari:3.2.3::mac:::::
cpe:2.3:a:apple:safari:::windows:::::*		3.2.3
cpe:2.3:a:apple:safari:3.0::windows:::::
cpe:2.3:a:apple:safari:3.0.1::windows:::::
cpe:2.3:a:apple:safari:3.0.2::windows:::::
cpe:2.3:a:apple:safari:3.0.3::windows:::::
cpe:2.3:a:apple:safari:3.0.4::windows:::::
cpe:2.3:a:apple:safari:3.1::windows:::::
cpe:2.3:a:apple:safari:3.1.1::windows:::::
cpe:2.3:a:apple:safari:3.1.2::windows:::::
cpe:2.3:a:apple:safari:3.2:-:windows:::::*
cpe:2.3:a:apple:safari:3.2.1::windows:::::
cpe:2.3:a:apple:safari:3.2.2::windows:::::
cpe:2.3:o:apple:iphone_os:1.0:::::::*
cpe:2.3:o:apple:iphone_os:1.0.0:::::::*
cpe:2.3:o:apple:iphone_os:1.0.1:::::::*
cpe:2.3:o:apple:iphone_os:1.0.1:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:1.0.2:::::::*
cpe:2.3:o:apple:iphone_os:1.0.2:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:1.1:::::::*
cpe:2.3:o:apple:iphone_os:1.1.0:::::::*
cpe:2.3:o:apple:iphone_os:1.1.0:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:1.1.0:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:1.1.1:::::::*
cpe:2.3:o:apple:iphone_os:1.1.1:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:1.1.2:::::::*
cpe:2.3:o:apple:iphone_os:1.1.2:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:1.1.2:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:1.1.3:::::::*
cpe:2.3:o:apple:iphone_os:1.1.3:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:1.1.3:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:1.1.4:::::::*
cpe:2.3:o:apple:iphone_os:1.1.4:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:1.1.4:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:1.1.5:::::::*
cpe:2.3:o:apple:iphone_os:1.1.5:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:1.1.5:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:2.0:::::::*
cpe:2.3:o:apple:iphone_os:2.0.0:::::::*
cpe:2.3:o:apple:iphone_os:2.0.0:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:2.0.0:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:2.0.1:::::::*
cpe:2.3:o:apple:iphone_os:2.0.1:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:2.0.1:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:2.0.2:::::::*
cpe:2.3:o:apple:iphone_os:2.0.2:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:2.0.2:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:2.1:::::::*
cpe:2.3:o:apple:iphone_os:2.1:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:2.1:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:2.2:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:2.2:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:2.2.1:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:2.2.1:-:ipodtouch:::::*
cpe:2.3:a:google:chrome:1.0.154.53:::::::*

Related information, measures and tools

No	URL	refsource
1	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=803	cve@mitre.org
2	http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html	cve@mitre.org
3	http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html	cve@mitre.org
4	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	cve@mitre.org
5	http://osvdb.org/54990	cve@mitre.org
6	http://secunia.com/advisories/35379	cve@mitre.org
7	http://secunia.com/advisories/36057	cve@mitre.org
8	http://secunia.com/advisories/36062	cve@mitre.org
9	http://secunia.com/advisories/36790	cve@mitre.org
10	http://secunia.com/advisories/37746	cve@mitre.org
11	http://secunia.com/advisories/43068	cve@mitre.org
12	http://securitytracker.com/id?1022345	cve@mitre.org
13	http://support.apple.com/kb/HT3613	cve@mitre.org
14	http://support.apple.com/kb/HT3639	cve@mitre.org
15	http://www.debian.org/security/2009/dsa-1950	cve@mitre.org
16	http://www.mandriva.com/security/advisories?name=MDVSA-2009:330	cve@mitre.org
17	http://www.securityfocus.com/bid/35260	cve@mitre.org
18	http://www.ubuntu.com/usn/USN-822-1	cve@mitre.org
19	http://www.ubuntu.com/usn/USN-836-1	cve@mitre.org
20	http://www.ubuntu.com/usn/USN-857-1	cve@mitre.org
21	http://www.vupen.com/english/advisories/2009/1522	cve@mitre.org
22	http://www.vupen.com/english/advisories/2009/1621	cve@mitre.org
23	http://www.vupen.com/english/advisories/2011/0212	cve@mitre.org
24	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11009	cve@mitre.org
25	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html	cve@mitre.org
26	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html	cve@mitre.org
27	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html	cve@mitre.org
28	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html	cve@mitre.org
29	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=803	af854a3a-2127-422b-91ae-364da2661108
30	http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html	af854a3a-2127-422b-91ae-364da2661108
31	http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html	af854a3a-2127-422b-91ae-364da2661108
32	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	af854a3a-2127-422b-91ae-364da2661108
33	http://osvdb.org/54990	af854a3a-2127-422b-91ae-364da2661108
34	http://secunia.com/advisories/35379	af854a3a-2127-422b-91ae-364da2661108
35	http://secunia.com/advisories/36057	af854a3a-2127-422b-91ae-364da2661108
36	http://secunia.com/advisories/36062	af854a3a-2127-422b-91ae-364da2661108
37	http://secunia.com/advisories/36790	af854a3a-2127-422b-91ae-364da2661108
38	http://secunia.com/advisories/37746	af854a3a-2127-422b-91ae-364da2661108
39	http://secunia.com/advisories/43068	af854a3a-2127-422b-91ae-364da2661108
40	http://securitytracker.com/id?1022345	af854a3a-2127-422b-91ae-364da2661108
41	http://support.apple.com/kb/HT3613	af854a3a-2127-422b-91ae-364da2661108
42	http://support.apple.com/kb/HT3639	af854a3a-2127-422b-91ae-364da2661108
43	http://www.debian.org/security/2009/dsa-1950	af854a3a-2127-422b-91ae-364da2661108
44	http://www.mandriva.com/security/advisories?name=MDVSA-2009:330	af854a3a-2127-422b-91ae-364da2661108
45	http://www.securityfocus.com/bid/35260	af854a3a-2127-422b-91ae-364da2661108
46	http://www.ubuntu.com/usn/USN-822-1	af854a3a-2127-422b-91ae-364da2661108
47	http://www.ubuntu.com/usn/USN-836-1	af854a3a-2127-422b-91ae-364da2661108
48	http://www.ubuntu.com/usn/USN-857-1	af854a3a-2127-422b-91ae-364da2661108
49	http://www.vupen.com/english/advisories/2009/1522	af854a3a-2127-422b-91ae-364da2661108
50	http://www.vupen.com/english/advisories/2009/1621	af854a3a-2127-422b-91ae-364da2661108
51	http://www.vupen.com/english/advisories/2011/0212	af854a3a-2127-422b-91ae-364da2661108
52	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11009	af854a3a-2127-422b-91ae-364da2661108
53	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html	af854a3a-2127-422b-91ae-364da2661108
54	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html	af854a3a-2127-422b-91ae-364da2661108
55	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html	af854a3a-2127-422b-91ae-364da2661108
56	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html	af854a3a-2127-422b-91ae-364da2661108

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-399	リソース管理の問題	https://cwe.mitre.org/data/definitions/399.html

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:apple:safari:::mac:::::*		4.0_beta
cpe:2.3:a:apple:safari:0.8::mac:::::
cpe:2.3:a:apple:safari:0.9::mac:::::
cpe:2.3:a:apple:safari:1.0::mac:::::
cpe:2.3:a:apple:safari:1.0.3::mac:::::
cpe:2.3:a:apple:safari:1.1::mac:::::
cpe:2.3:a:apple:safari:1.2::mac:::::
cpe:2.3:a:apple:safari:1.3::mac:::::
cpe:2.3:a:apple:safari:1.3.1::mac:::::
cpe:2.3:a:apple:safari:1.3.2::mac:::::
cpe:2.3:a:apple:safari:2.0::mac:::::
cpe:2.3:a:apple:safari:2.0.2::mac:::::
cpe:2.3:a:apple:safari:2.0.4::mac:::::
cpe:2.3:a:apple:safari:3.0::mac:::::
cpe:2.3:a:apple:safari:3.0.2:-:mac:::::*
cpe:2.3:a:apple:safari:3.0.3::mac:::::
cpe:2.3:a:apple:safari:3.0.4::mac:::::
cpe:2.3:a:apple:safari:3.1::mac:::::
cpe:2.3:a:apple:safari:3.1.1::mac:::::
cpe:2.3:a:apple:safari:3.1.2::mac:::::
cpe:2.3:a:apple:safari:3.2.1::mac:::::
cpe:2.3:a:apple:safari:3.2.3::mac:::::
cpe:2.3:a:apple:safari:::windows:::::*		3.2.3
cpe:2.3:a:apple:safari:3.0::windows:::::
cpe:2.3:a:apple:safari:3.0.1::windows:::::
cpe:2.3:a:apple:safari:3.0.2::windows:::::
cpe:2.3:a:apple:safari:3.0.3::windows:::::
cpe:2.3:a:apple:safari:3.0.4::windows:::::
cpe:2.3:a:apple:safari:3.1::windows:::::
cpe:2.3:a:apple:safari:3.1.1::windows:::::
cpe:2.3:a:apple:safari:3.1.2::windows:::::
cpe:2.3:a:apple:safari:3.2:-:windows:::::*
cpe:2.3:a:apple:safari:3.2.1::windows:::::
cpe:2.3:a:apple:safari:3.2.2::windows:::::
cpe:2.3:o:apple:iphone_os:1.0:::::::*
cpe:2.3:o:apple:iphone_os:1.0.0:::::::*
cpe:2.3:o:apple:iphone_os:1.0.1:::::::*
cpe:2.3:o:apple:iphone_os:1.0.1:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:1.0.2:::::::*
cpe:2.3:o:apple:iphone_os:1.0.2:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:1.1:::::::*
cpe:2.3:o:apple:iphone_os:1.1.0:::::::*
cpe:2.3:o:apple:iphone_os:1.1.0:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:1.1.0:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:1.1.1:::::::*
cpe:2.3:o:apple:iphone_os:1.1.1:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:1.1.2:::::::*
cpe:2.3:o:apple:iphone_os:1.1.2:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:1.1.2:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:1.1.3:::::::*
cpe:2.3:o:apple:iphone_os:1.1.3:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:1.1.3:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:1.1.4:::::::*
cpe:2.3:o:apple:iphone_os:1.1.4:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:1.1.4:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:1.1.5:::::::*
cpe:2.3:o:apple:iphone_os:1.1.5:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:1.1.5:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:2.0:::::::*
cpe:2.3:o:apple:iphone_os:2.0.0:::::::*
cpe:2.3:o:apple:iphone_os:2.0.0:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:2.0.0:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:2.0.1:::::::*
cpe:2.3:o:apple:iphone_os:2.0.1:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:2.0.1:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:2.0.2:::::::*
cpe:2.3:o:apple:iphone_os:2.0.2:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:2.0.2:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:2.1:::::::*
cpe:2.3:o:apple:iphone_os:2.1:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:2.1:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:2.2:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:2.2:-:ipodtouch:::::*
cpe:2.3:o:apple:iphone_os:2.2.1:-:iphone:::::*
cpe:2.3:o:apple:iphone_os:2.2.1:-:ipodtouch:::::*
cpe:2.3:a:google:chrome:1.0.154.53:::::::*