Unrated severityNVD Advisory· Published Jun 10, 2009· Updated Jun 16, 2026
CVE-2009-1714
CVE-2009-1714
Description
Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in Apple Safari before 4.0 allows user-assisted remote attackers to inject arbitrary web script or HTML, and read local files, via vectors related to the improper escaping of HTML attributes.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
36cpe:2.3:a:apple:safari:0.8:-:mac:*:*:*:*:*+ 34 more
- cpe:2.3:a:apple:safari:0.8:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:0.9:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.0.3:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.0:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.1:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.2:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.3.1:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.3.2:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.3:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:2.0.2:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:2.0.4:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:2.0:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.1:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.2:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.2:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.3:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.3:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.4:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.4:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1.1:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1.1:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1.2:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1.2:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2.1:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2.1:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2.2:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2.3:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:*:-:mac:*:*:*:*:*range: <=4.0_beta
- cpe:2.3:a:apple:safari:*:-:windows:*:*:*:*:*range: <=3.2.3
- (no CPE)range: <4.0
Patches
Vulnerability mechanics
References
14- lists.apple.com/archives/security-announce/2009/jun/msg00002.htmlnvdPatchVendor Advisory
- support.apple.com/kb/HT3613nvdPatchVendor Advisory
- www.vupen.com/english/advisories/2009/1522nvdPatchVendor Advisory
- www.securityfocus.com/bid/35260nvdExploitPatch
- secunia.com/advisories/35379nvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlnvd
- osvdb.org/55023nvd
- secunia.com/advisories/37746nvd
- secunia.com/advisories/43068nvd
- securitytracker.com/idnvd
- www.debian.org/security/2009/dsa-1950nvd
- www.securityfocus.com/bid/35348nvd
- www.vupen.com/english/advisories/2011/0212nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/51268nvd
News mentions
0No linked articles in our index yet.