Unrated severityNVD Advisory· Published Jun 10, 2009· Updated Jun 16, 2026
CVE-2009-1709
CVE-2009-1709
Description
Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
36cpe:2.3:a:apple:safari:0.8:-:mac:*:*:*:*:*+ 34 more
- cpe:2.3:a:apple:safari:0.8:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:0.9:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.0.3:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.0:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.1:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.2:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.3.1:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.3.2:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.3:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:2.0.2:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:2.0.4:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:2.0:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.1:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.2:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.2:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.3:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.3:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.4:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.4:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1.1:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1.1:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1.2:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1.2:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2.1:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2.1:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2.2:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2.3:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:*:-:mac:*:*:*:*:*range: <=4.0_beta
- cpe:2.3:a:apple:safari:*:-:windows:*:*:*:*:*range: <=3.2.3
- (no CPE)range: <4.0
Patches
Vulnerability mechanics
References
18- lists.apple.com/archives/security-announce/2009/jun/msg00002.htmlnvdPatchVendor Advisory
- support.apple.com/kb/HT3613nvdPatchVendor Advisory
- secunia.com/advisories/35379nvdVendor Advisory
- www.vupen.com/english/advisories/2009/1522nvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlnvd
- osvdb.org/55013nvd
- secunia.com/advisories/35576nvd
- secunia.com/advisories/36461nvd
- secunia.com/advisories/43068nvd
- securitytracker.com/idnvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/support/errata/RHSA-2009-1130.htmlnvd
- www.securityfocus.com/bid/35260nvd
- www.securityfocus.com/bid/35334nvd
- www.vupen.com/english/advisories/2011/0212nvd
- www.zerodayinitiative.com/advisories/ZDI-09-034/nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162nvd
- usn.ubuntu.com/823-1/nvd
News mentions
0No linked articles in our index yet.