WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle constant (aka const) declarations in a type-conversion operation during JavaScript exception handling, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Information
Published : 2009-06-10 07:30
Updated : 2011-02-16 22:43
NVD link : CVE-2009-1686
Mitre link : CVE-2009-1686
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
apple
- safari