{"id":"CVE-2009-0945","details":"Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption.","modified":"2024-06-30T15:59:07.737739Z","published":"2009-05-13T17:30:00Z","withdrawn":"2024-06-30T15:59:07.737739Z","related":["openSUSE-SU-2024:10180-1"],"references":[{"type":"FIX","url":"http://lists.apple.com/archives/security-announce/2009/May/msg00000.html"},{"type":"FIX","url":"http://lists.apple.com/archives/security-announce/2009/May/msg00001.html"},{"type":"FIX","url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"type":"ADVISORY","url":"http://secunia.com/advisories/35056"},{"type":"ADVISORY","url":"http://secunia.com/advisories/35074"},{"type":"ADVISORY","url":"http://secunia.com/advisories/35095"},{"type":"ADVISORY","url":"http://secunia.com/advisories/35576"},{"type":"ADVISORY","url":"http://secunia.com/advisories/35805"},{"type":"ADVISORY","url":"http://secunia.com/advisories/36062"},{"type":"ADVISORY","url":"http://secunia.com/advisories/36461"},{"type":"ADVISORY","url":"http://secunia.com/advisories/36790"},{"type":"ADVISORY","url":"http://secunia.com/advisories/37746"},{"type":"ADVISORY","url":"http://secunia.com/advisories/43068"},{"type":"FIX","url":"http://support.apple.com/kb/HT3549"},{"type":"ADVISORY","url":"http://www.debian.org/security/2009/dsa-1950"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-822-1"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-836-1"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-857-1"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2009/1297"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2009/1298"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2009/1321"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2009/1621"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2011/0212"},{"type":"ADVISORY","url":"http://www.zerodayinitiative.com/advisories/ZDI-09-022"},{"type":"ARTICLE","url":"http://googlechromereleases.blogspot.com/2009/05/stable-update-bug-fix.html"},{"type":"WEB","url":"http://code.google.com/p/chromium/issues/detail?id=9019"},{"type":"WEB","url":"http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"},{"type":"WEB","url":"http://support.apple.com/kb/HT3550"},{"type":"WEB","url":"http://support.apple.com/kb/HT3639"},{"type":"WEB","url":"http://www.redhat.com/support/errata/RHSA-2009-1130.html"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/503594/100/0/threaded"},{"type":"WEB","url":"http://www.securityfocus.com/bid/34924"},{"type":"WEB","url":"http://www.securitytracker.com/id?1022207"},{"type":"WEB","url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/50477"},{"type":"WEB","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11584"},{"type":"WEB","url":"https://usn.ubuntu.com/823-1/"},{"type":"WEB","url":"https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00303.html"},{"type":"WEB","url":"https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html"},{"type":"WEB","url":"https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html"}],"affected":[{"package":{"name":"kde4libs","ecosystem":"Debian:10","purl":"pkg:deb/debian/kde4libs?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4:4.3.0-1"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2009-0945.json"}},{"package":{"name":"qt4-x11","ecosystem":"Debian:10","purl":"pkg:deb/debian/qt4-x11?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4:4.5.2-1"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2009-0945.json"}}],"schema_version":"1.7.3"}