Home > Vulnerability Database > CVE-2009-1692

Mend.io Vulnerability Database

CVE-2009-1692

Date: June 19, 2009

WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via a web page containing an HTMLSelectElement object with a large length attribute, related to the length property of a Select object.

Severity Score

5.9

Related Resources (22)

Url: http://kb.palm.com/wps/portal/kb/na/pre/p100eww/sprint/solutions/article/50607_en.html#121

Url: http://secunia.com/advisories/37746

Url: http://www.vupen.com/english/advisories/2009/1621

Url: http://www.debian.org/security/2009/dsa-1950

Url: https://nvd.nist.gov/vuln/detail/CVE-2009-1692

Url: http://secunia.com/advisories/36977

Url: http://www.securityfocus.com/archive/1/504989/100/0/threaded

Url: https://bugs.webkit.org/show_bug.cgi?id=23319

Url: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

Url: http://www.securityfocus.com/bid/35446

Url: http://secunia.com/advisories/43068

Url: http://www.securityfocus.com/bid/35414

Url: http://osvdb.org/55242

Url: http://www.g-sec.lu/one-bug-to-rule-them-all.html

Url: http://www.securityfocus.com/archive/1/504988/100/0/threaded

Url: http://www.securityfocus.com/archive/1/504969/100/0/threaded

Url: http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html

Url: http://www.securityfocus.com/archive/1/505006/100/0/threaded

Url: http://www.vupen.com/english/advisories/2011/0212

Url: http://support.apple.com/kb/HT3639

Url: https://www.exploit-db.com/exploits/9160

Url: https://www.mend.io/vulnerability-database/CVE-2009-1692

Severity Score

5.9

Weakness Type (CWE)

Resource Management Errors

CWE-399

CVSS v3.1

Base Score:	5.9
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

CVSS v2

Base Score:	7.1
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2009-1692

Date: June 19, 2009

Severity Score

Related Resources (22)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?