Credit:
The information has been provided by Nils.
The original article can be found at: http://www.zerodayinitiative.com/advisories/ZDI-09-022/
Vulnerable Systems:
* Mac OS X version 10.4.11
* Mac OS X Server version 10.4.11
The specific flaw exists in the parsing of malformed SVGLists via the SVGPathList data structure. The following lists are affected: SVGTransformList, SVGStringList, SVGNumberList, SVGPathSegList, SVGPointList, SVGLengthList. When a negative index argument is supplied to the insertItemBefore() method, memory corruption occurs, which can allow arbitrary code execution.
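The kind of index validation this flaw calls for, as an added example that is not code from the advisory or from Safari: a list whose insertItemBefore() rejects a negative index before it can be used as an offset. The ItemList class, its Result enum, and the premise that the index reaches native code as a signed 32-bit integer are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <string>
#include <vector>

// Hypothetical stand-in for an SVG list type; not the browser's own class.
class ItemList {
public:
    enum class Result { Inserted, Appended, RejectedNegative };

    // Assumption: `index` arrives as a signed 32-bit value converted
    // from a script number by the binding layer.
    Result insertItemBefore(const std::string& item, int32_t index) {
        // Check the sign before any conversion to an unsigned type:
        // static_cast<size_t>(-1) is SIZE_MAX, far outside the storage.
        if (index < 0)
            return Result::RejectedNegative;
        const size_t pos = static_cast<size_t>(index);
        // SVG 1.1 list semantics: an index >= numberOfItems appends.
        if (pos >= items_.size()) {
            items_.push_back(item);
            return Result::Appended;
        }
        items_.insert(items_.begin() + static_cast<std::ptrdiff_t>(pos), item);
        return Result::Inserted;
    }

    size_t numberOfItems() const { return items_.size(); }
    // at() throws std::out_of_range instead of reading past the end.
    const std::string& getItem(size_t i) const { return items_.at(i); }

private:
    std::vector<std::string> items_;
};

int main() {
    ItemList list;                       // constructed sample input
    list.insertItemBefore("translate(1,1)", 0);
    const bool rejected =
        list.insertItemBefore("scale(2)", -1) == ItemList::Result::RejectedNegative;
    std::cout << "negative index rejected: " << std::boolalpha << rejected
              << ", items: " << list.numberOfItems() << "\n";
    return 0;
}
```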
Patch Availability:
Update to Safari 3.2.3 - Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT3549
CVE Information:
CVE-2009-0945
Disclosure Timeline:
2009-03-19 - Vulnerability reported to vendor
2009-05-13 - Coordinated public release of advisory