CVE-2009-1709

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

SecuriTeam™
Beyond Security®

SecuriTeam™ Home
Ask the Team
Mailing Lists
Advertising Info
Blogs

	SecuriTeam™ in Your Inbox

	E-mail this CVE-2009-1709 to a friend

New vulnerability?
New tool?
Tell us

Credit:
The information has been provided by zdi-disclosures@tippingpoint.com.
The original article can be found at: http://www.zerodayinitiative.com/advisories/ZDI-09-034

Website Security Scan	Code Vulnerability Test	Network Assessment Tool
Detect hidden vulnerabilities	Exhaustive automated testing	Real-time, continuous security
Get guidance from professionals	of internal or 3rd party code.	scanning for your entire network

Check for CVE-2009-1709

Vulnerability Assessment and Management.
Automated Pen Testing for 50 to 50,000 nodes
beyondsecurity.com/vulnerability-scanner

Vulnerable Systems:
* Apple Safari prior to version 4.0

Immune Systems:
* Apple Safari version 4.0 and later

The specific flaw exists in the garbage collection of JavaScript set elements in WebCore. When an SVG set object is appended to an SVG marker element that is dereferenced, calls to the targetElement attribute will fail to reference count the marker element. When the set element is appended to another object, subsequent calls to the targetElement attribute will result in a heap corruption which can be leveraged to execute arbitrary code under the context of the current user.

CVE Information:
CVE-2009-1709

Disclosure Timeline:
2008-11-10 - Vulnerability reported to vendor
2009-06-08 - Coordinated public release of advisory

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus