WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2009-06-10T17:37:00
Updated: 2018-10-10T18:57:01
Reserved: 2009-05-20T00:00:00
Link: CVE-2009-1698
JSON object: View
NVD Information
Status : Modified
Published: 2009-06-10T18:00:00.500
Modified: 2022-08-09T13:48:59.020
Link: CVE-2009-1698
JSON object: View
Redhat Information
No data.
CWE