CVE-2009-1687

Priority
Description
The JavaScript garbage collector in WebKit in Apple Safari before 4.0,
iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1
does not properly handle allocation failures, which allows remote attackers
to execute arbitrary code or cause a denial of service (memory corruption
and application crash) via a crafted HTML document that triggers write
access to an "offset of a NULL pointer."
Assigned-to
micahg
Notes
jdstrand: webkit is a fork of khtml from kdelibs. kdelibs5 is farther from
it, while qt4-x11 attempts to unify khtml and webkit
mdeslaur: webkit code is at a different location in jaunty-
Package
Upstream: needs-triage
Patches:
Vendor: https://bugzilla.redhat.com/attachment.cgi?id=355170
Package
Upstream: needs-triage
Package
Upstream: needs-triage
Patches:
Upstream: http://trac.webkit.org/changeset/41854
More Information

Updated: 2019-12-05 20:53:13 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)