CVE-2009-1686

Priority
Medium
Description
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone
OS for iPod touch 1.1 through 2.2.1 does not properly handle constant (aka
const) declarations in a type-conversion operation during JavaScript
exception handling, which allows remote attackers to execute arbitrary code
or cause a denial of service (memory corruption and application crash) via
a crafted HTML document.
References
Bugs
Notes
jdstrand> webkit is a fork of khtml from kdelibs. kdelibs5 is farther from
it, while qt4-x11 attempts to unify khtml and webkit
mdeslaur> code doesn't seem present in kde4libs
mdeslaur> code not present in webkit in intrepid+
mdeslaur> code is different in hardy, need to check with test case
mdeslaur> in qt4-x11, code doesn't seem present
Assigned-to
micahg
Package
Upstream: needs-triage
Ubuntu 8.04 LTS (Hardy Heron): ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx): not-affected (1.1.12-1ubuntu1)
Ubuntu 11.04 (Natty Narwhal): not-affected (1.1.12-1ubuntu1)
Ubuntu 11.10 (Oneiric Ocelot): not-affected (1.1.12-1ubuntu1)
Patches:
Upstream: http://trac.webkit.org/changeset/31431
Package
Upstream: needs-triage
Ubuntu 8.04 LTS (Hardy Heron): not-affected (no webkit)
Ubuntu 10.04 LTS (Lucid Lynx): not-affected (code not present)
Ubuntu 11.04 (Natty Narwhal): not-affected (code not present)
Ubuntu 11.10 (Oneiric Ocelot): not-affected (code not present)
More Information


Updated: 2012-06-01 15:19:51 UTC (commit 5347)