CVE-2009-1692

Apple iPhone OS - Resource Management Error


Description

WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via a web page containing an HTMLSelectElement object with a large length attribute, related to the length property of a Select object.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Thierry Zoller · text · dos · multiple
https://www.exploit-db.com/exploits/9160

References (20)

Core References
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT3639
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/35446
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/9160
Various Sources x_refsource_misc
http://www.g-sec.lu/one-bug-to-rule-them-all.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43068
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/1621
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0212
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/35414
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/504988/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/37746
Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/36977
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2009/dsa-1950
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/505006/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/55242
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/504969/100/0/threaded
Various Sources x_refsource_misc
https://bugs.webkit.org/show_bug.cgi?id=23319
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/504989/100/0/threaded

Scores

EPSS 0.0427
EPSS Percentile 88.9%

Details

CWE
CWE-399
Status published
Products (20)
apple/iphone_os 1.0.0
apple/iphone_os 1.0.1
apple/iphone_os 1.0.2
apple/iphone_os 1.1.0
apple/iphone_os 1.1.1
apple/iphone_os 1.1.2
apple/iphone_os 1.1.3
apple/iphone_os 1.1.4
apple/iphone_os 1.1.5
apple/iphone_os 2.0
... and 10 more
Published Jun 19, 2009
Tracked Since Feb 18, 2026