5.8

CVE-2009-1693

Exploit

EPSS 0.57%
Published 10.06.2009 14:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to read images from arbitrary web sites via a CANVAS element with an SVG image, related to a "cross-site image capture issue."

Affected products Warnungen 0 Metrics 2 CWE 0 References 18

Data is provided by the National Vulnerability Database (NVD)

Apple ≫ Safari Update- Editionmac Version <= 4.0_beta

Apple ≫ Safari Version0.8 Update- Editionmac

Apple ≫ Safari Version0.9 Update- Editionmac

Apple ≫ Safari Version1.0 Update- Editionmac

Apple ≫ Safari Version1.0.3 Update- Editionmac

Apple ≫ Safari Version1.1 Update- Editionmac

Apple ≫ Safari Version1.2 Update- Editionmac

Apple ≫ Safari Version1.3 Update- Editionmac

Apple ≫ Safari Version1.3.1 Update- Editionmac

Apple ≫ Safari Version1.3.2 Update- Editionmac

Apple ≫ Safari Version2.0 Update- Editionmac

Apple ≫ Safari Version2.0.2 Update- Editionmac

Apple ≫ Safari Version2.0.4 Update- Editionmac

Apple ≫ Safari Version3.0 Update- Editionmac

Apple ≫ Safari Version3.0.2 Update- Editionmac

Apple ≫ Safari Version3.0.3 Update- Editionmac

Apple ≫ Safari Version3.0.4 Update- Editionmac

Apple ≫ Safari Version3.1 Update- Editionmac

Apple ≫ Safari Version3.1.1 Update- Editionmac

Apple ≫ Safari Version3.1.2 Update- Editionmac

Apple ≫ Safari Version3.2.1 Update- Editionmac

Apple ≫ Safari Version3.2.3 Update- Editionmac

Apple ≫ Safari Update- Editionwindows Version <= 3.2.3

Apple ≫ Safari Version3.0 Update- Editionwindows

Apple ≫ Safari Version3.0.1 Update- Editionwindows

Apple ≫ Safari Version3.0.2 Update- Editionwindows

Apple ≫ Safari Version3.0.3 Update- Editionwindows

Apple ≫ Safari Version3.0.4 Update- Editionwindows

Apple ≫ Safari Version3.1 Update- Editionwindows

Apple ≫ Safari Version3.1.1 Update- Editionwindows

Apple ≫ Safari Version3.1.2 Update- Editionwindows

Apple ≫ Safari Version3.2 Update- Editionwindows

Apple ≫ Safari Version3.2.1 Update- Editionwindows

Apple ≫ Safari Version3.2.2 Update- Editionwindows

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.57%	0.677

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.8	8.6	4.9	AV:N/AC:M/Au:N/C:P/I:P/A:N

http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html

Patch

Vendor Advisory

http://secunia.com/advisories/35379

Vendor Advisory

http://support.apple.com/kb/HT3613

Patch

Vendor Advisory

http://www.vupen.com/english/advisories/2009/1522

Patch

Vendor Advisory

http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html

http://support.apple.com/kb/HT3639

http://www.vupen.com/english/advisories/2009/1621

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

http://secunia.com/advisories/43068

http://www.vupen.com/english/advisories/2011/0212

http://secunia.com/advisories/37746

http://www.debian.org/security/2009/dsa-1950

http://www.securityfocus.com/bid/35260

Patch

Exploit

http://osvdb.org/55004

http://www.securityfocus.com/bid/35331

https://nvd.nist.gov/vuln/detail/CVE-2009-1693

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-1693

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-1693

EUVD