Apple Safari CoreGraphics TrueType Font Handling Remote Code Execution Vulnerability

Bugtraq ID: 35308
Class: Design Error
CVE: CVE-2009-1705
Remote: Yes
Local: No
Published: Jun 08 2009 12:00AM
Updated: Jun 11 2009 06:59PM
Credit: Clint Ruoho of Laconic Security and Tavis Ormandy of Google Security Team.
Vulnerable: Apple Safari 3.2.3 for Windows
Apple Safari 3.2.2 for Windows
Apple Safari 3.1.2 for Windows
Apple Safari 3.1.1 for Windows
Apple Safari 3.0.4 Beta for Windows
Apple Safari 3.0.3 Beta for Windows
Apple Safari 3.0.2 Beta for Windows
Apple Safari 3.0.1 Beta for Windows
Apple Safari 3.1 for Windows
Apple Safari 3 Beta for Windows
Not Vulnerable: Apple Safari 4 for Windows


 

Privacy Statement
Copyright 2010, SecurityFocus