Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2009-1712

Date: June 10, 2009

WebKit in Apple Safari before 4.0 does not prevent remote loading of local Java applets, which allows remote attackers to execute arbitrary code, gain privileges, or obtain sensitive information via an APPLET or OBJECT element.

Severity Score

Related Resources (19)

http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
http://secunia.com/advisories/37746
http://www.vupen.com/english/advisories/2009/1522
http://www.debian.org/security/2009/dsa-1950
http://www.securityfocus.com/bid/35350
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://www.securityfocus.com/bid/35260
http://secunia.com/advisories/35379
http://secunia.com/advisories/43068
https://exchange.xforce.ibmcloud.com/vulnerabilities/51266
http://securitytracker.com/id?1022345
http://support.apple.com/kb/HT3613
https://nvd.nist.gov/vuln/detail/CVE-2009-1712
http://osvdb.org/55022
http://secunia.com/advisories/36790
http://www.ubuntu.com/usn/USN-857-1
http://www.vupen.com/english/advisories/2011/0212
http://www.ubuntu.com/usn/USN-836-1
https://www.mend.io/vulnerability-database/CVE-2009-1712

Severity Score

Weakness Type (CWE)

Code Injection

CWE-94

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): MEDIUM
Authentication (AU): NONE
Confidentiality (C): COMPLETE
Integrity (I): COMPLETE
Availability (A): COMPLETE
Additional information:

Do you need more information?

Contact Us