• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

WebKit Multiple Remote Code Execution, Denial of Service, and Information Disclosure Vulnerabilities

Bugtraq ID:	36995
Class:	Input Validation Error
CVE:	CVE-2009-3384
Remote:	Yes
Local:	No
Published:	Nov 11 2009 12:00AM
Updated:	Nov 19 2009 05:26PM
Credit:	Michal Zalewski of Google Inc. <br>&amp;amp;amp;lt;br&amp;amp;amp;gt;
Vulnerable:	WebKit Open Source Project WebKit r38566 WebKit Open Source Project WebKit 0 RedHat Fedora 12 RedHat Fedora 11 RedHat Fedora 10 Pardus Linux 2009 0 Apple Safari 4.0.3 for Windows Apple Safari 4.0.2 for Windows Apple Safari 3.2.3 for Windows Apple Safari 3.2.2 for Windows Apple Safari 3.1.2 for Windows Apple Safari 3.1.1 for Windows Apple Safari 3.0.4 Beta for Windows Apple Safari 3.0.3 Apple Safari 3.0.2 Beta for Windows Apple Safari 3.0.1 Beta for Windows Apple Safari 4 for Windows Apple Safari 3.1 for Windows Apple Safari 3 Beta for Windows
Not Vulnerable:	Apple Safari 4.0.4 for Windows