Unrated severityNVD Advisory· Published Jun 10, 2009· Updated Jun 16, 2026
CVE-2009-1711
CVE-2009-1711
Description
WebKit in Apple Safari before 4.0 does not properly initialize memory for Attr DOM objects, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
35cpe:2.3:a:apple:safari:0.8:*:mac:*:*:*:*:*+ 34 more
- cpe:2.3:a:apple:safari:0.8:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:0.9:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.0.3:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.0:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.1:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.2:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.3.1:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.3.2:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.3:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:2.0.2:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:2.0.4:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:2.0:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.1:*:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.2:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.2:*:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.3:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.3:*:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.4:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.4:*:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0:*:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1.1:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1.1:*:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1.2:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1.2:*:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1:*:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2.1:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2.1:*:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2.2:*:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2.3:*:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2:*:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:*:*:mac:*:*:*:*:*range: <=4.0_beta
- cpe:2.3:a:apple:safari:*:*:windows:*:*:*:*:*range: <=3.2.3
- (no CPE)range: <4.0
Patches
Vulnerability mechanics
References
17- lists.apple.com/archives/security-announce/2009/jun/msg00002.htmlnvdPatchVendor Advisory
- support.apple.com/kb/HT3613nvdPatchVendor Advisory
- www.vupen.com/english/advisories/2009/1522nvdPatchVendor Advisory
- www.securityfocus.com/bid/35260nvdExploitPatch
- secunia.com/advisories/35379nvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlnvd
- osvdb.org/55015nvd
- secunia.com/advisories/36790nvd
- secunia.com/advisories/37746nvd
- secunia.com/advisories/43068nvd
- securitytracker.com/idnvd
- www.debian.org/security/2009/dsa-1950nvd
- www.securityfocus.com/bid/35310nvd
- www.ubuntu.com/usn/USN-836-1nvd
- www.ubuntu.com/usn/USN-857-1nvd
- www.vupen.com/english/advisories/2011/0212nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/51265nvd
News mentions
0No linked articles in our index yet.