Unrated severityNVD Advisory· Published Feb 13, 2009· Updated Jun 16, 2026
CVE-2009-0137
CVE-2009-0137
Description
Multiple unspecified vulnerabilities in Safari RSS in Apple Mac OS X 10.4.11 and 10.5.6, and Windows XP and Vista, allow remote attackers to execute arbitrary JavaScript in the local security zone via a crafted feed: URL, related to "input validation issues."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
3- lists.apple.com/archives/security-announce/2009/Feb/msg00000.htmlnvdPatchVendor Advisory
- lists.apple.com/archives/security-announce/2009/Feb/msg00001.htmlnvdPatchVendor Advisory
- support.apple.com/kb/HT3438nvd
News mentions
0No linked articles in our index yet.