Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2009-1699

The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read arbitrary files via a crafted DTD, as demonstrated by a file:///etc/passwd URL in an entity declaration, related to an "XXE attack."

Published

2009-06-10T18:00:00.517

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:N/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

8.6

Impact Score

6.9

Weaknesses

Type: Primary
CWE-611

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apple	safari	< 4.0	Yes
Operating System	apple	iphone_os	≤ 2.2.1	Yes
Operating System	canonical	ubuntu_linux	8.10	Yes
Operating System	canonical	ubuntu_linux	9.04	Yes
Operating System	opensuse	opensuse	11.2	Yes
Operating System	opensuse	opensuse	11.3	Yes

References

http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html Mailing List ([email protected])
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html Broken Link, Mailing List, Patch, Vendor Advisory ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html Mailing List ([email protected])
http://osvdb.org/54972 Broken Link ([email protected])
http://scary.beasts.org/security/CESA-2009-006.html Exploit ([email protected])
http://scarybeastsecurity.blogspot.com/2009/06/apples-safari-4-fixes-local-file-theft.html Exploit ([email protected])
http://secunia.com/advisories/35379 Broken Link, Vendor Advisory ([email protected])
http://secunia.com/advisories/43068 Broken Link ([email protected])
http://support.apple.com/kb/HT3613 Patch, Vendor Advisory ([email protected])
http://support.apple.com/kb/HT3639 Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/35260 Broken Link, Exploit, Third Party Advisory, VDB Entry ([email protected])
http://www.securityfocus.com/bid/35321 Broken Link, Third Party Advisory, VDB Entry ([email protected])
http://www.ubuntu.com/usn/USN-857-1 Third Party Advisory ([email protected])
http://www.vupen.com/english/advisories/2009/1522 Broken Link, Patch, Vendor Advisory ([email protected])
http://www.vupen.com/english/advisories/2009/1621 Broken Link ([email protected])
http://www.vupen.com/english/advisories/2011/0212 Broken Link ([email protected])
https://www.exploit-db.com/exploits/8907 Exploit, Third Party Advisory, VDB Entry ([email protected])
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html Mailing List (af854a3a-2127-422b-91ae-364da2661108)
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html Broken Link, Mailing List, Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html Mailing List (af854a3a-2127-422b-91ae-364da2661108)
http://osvdb.org/54972 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://scary.beasts.org/security/CESA-2009-006.html Exploit (af854a3a-2127-422b-91ae-364da2661108)
http://scarybeastsecurity.blogspot.com/2009/06/apples-safari-4-fixes-local-file-theft.html Exploit (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/35379 Broken Link, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/43068 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://support.apple.com/kb/HT3613 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://support.apple.com/kb/HT3639 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/35260 Broken Link, Exploit, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/35321 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-857-1 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2009/1522 Broken Link, Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2009/1621 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2011/0212 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/8907 Exploit, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)