CVE-2009-0945

N/A Unknown

Published: May 13, 2009 Modified: April 23, 2026

Description

Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://code.google.com/p/chromium/issues/detail?id=9019

Source: cve@mitre.org

http://googlechromereleases.blogspot.com/2009/05/stable-update-bug-fix.html

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2009/May/msg00000.html

Source: cve@mitre.org

Patch Vendor Advisory

http://lists.apple.com/archives/security-announce/2009/May/msg00001.html

Source: cve@mitre.org

Patch Vendor Advisory

http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

Source: cve@mitre.org

Patch Vendor Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

Source: cve@mitre.org

http://secunia.com/advisories/35056

Source: cve@mitre.org

http://secunia.com/advisories/35074

Source: cve@mitre.org

http://secunia.com/advisories/35095

Source: cve@mitre.org

http://secunia.com/advisories/35576

Source: cve@mitre.org

http://secunia.com/advisories/35805

Source: cve@mitre.org

http://secunia.com/advisories/36062

Source: cve@mitre.org

http://secunia.com/advisories/36461

Source: cve@mitre.org

http://secunia.com/advisories/36790

Source: cve@mitre.org

http://secunia.com/advisories/37746

Source: cve@mitre.org

http://secunia.com/advisories/43068

Source: cve@mitre.org

http://support.apple.com/kb/HT3549

Source: cve@mitre.org

Patch Vendor Advisory

http://support.apple.com/kb/HT3550

Source: cve@mitre.org

http://support.apple.com/kb/HT3639

Source: cve@mitre.org

http://www.debian.org/security/2009/dsa-1950

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2009-1130.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/503594/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/34924

Source: cve@mitre.org

http://www.securitytracker.com/id?1022207

Source: cve@mitre.org

http://www.ubuntu.com/usn/USN-822-1

Source: cve@mitre.org

http://www.ubuntu.com/usn/USN-836-1

Source: cve@mitre.org

http://www.ubuntu.com/usn/USN-857-1

Source: cve@mitre.org

http://www.us-cert.gov/cas/techalerts/TA09-133A.html

Source: cve@mitre.org

US Government Resource

http://www.vupen.com/english/advisories/2009/1297

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/1298

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/1321

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/1621

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2011/0212

Source: cve@mitre.org

http://www.zerodayinitiative.com/advisories/ZDI-09-022

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/50477

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11584

Source: cve@mitre.org

https://usn.ubuntu.com/823-1/

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00303.html

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html

Source: cve@mitre.org

http://code.google.com/p/chromium/issues/detail?id=9019