CVE-2009-1725 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2009-1725 Interim 1 11 2023-12-09T02:04:04Z current 2021-05-30T12:47:12Z 2023-12-09T02:04:04Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2009-1725 WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/C2VK7FPKD3ZEG555N25GLTFTZJJB237A/#C2VK7FPKD3ZEG555N25GLTFTZJJB237A E-Mail link for SUSE-SR:2011:002 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server for SAP Applications 11 kdelibs3-3.5.10-23.30.1 kdelibs3-32bit-3.5.10-23.30.1 kdelibs3-default-style-3.5.10-23.30.1 kdelibs3-default-style-32bit-3.5.10-23.30.1 kdelibs3-default-style-x86-3.5.10-23.30.1 kdelibs3-x86-3.5.10-23.30.1 kdelibs4-4.1.3-8.21.1 kdelibs4-core-4.1.3-8.21.1 libkde4-32bit-4.1.3-8.21.1 libkde4-4.1.3-8.21.1 libkde4-x86-4.1.3-8.21.1 libkdecore4-32bit-4.1.3-8.21.1 libkdecore4-4.1.3-8.21.1 libkdecore4-x86-4.1.3-8.21.1 kdelibs3-3.5.10-23.30.1 as a component of SUSE Linux Enterprise Server 11 kdelibs3-32bit-3.5.10-23.30.1 as a component of SUSE Linux Enterprise Server 11 kdelibs3-default-style-3.5.10-23.30.1 as a component of SUSE Linux Enterprise Server 11 kdelibs3-default-style-32bit-3.5.10-23.30.1 as a component of SUSE Linux Enterprise Server 11 kdelibs3-default-style-x86-3.5.10-23.30.1 as a component of SUSE Linux Enterprise Server 11 kdelibs3-x86-3.5.10-23.30.1 as a component of SUSE Linux Enterprise Server 11 kdelibs4-4.1.3-8.21.1 as a component of SUSE Linux Enterprise Server 11 kdelibs4-core-4.1.3-8.21.1 as a component of SUSE Linux Enterprise Server 11 libkde4-4.1.3-8.21.1 as a component of SUSE Linux Enterprise Server 11 libkde4-32bit-4.1.3-8.21.1 as a component of SUSE Linux Enterprise Server 11 libkde4-x86-4.1.3-8.21.1 as a component of SUSE Linux Enterprise Server 11 libkdecore4-4.1.3-8.21.1 as a component of SUSE Linux Enterprise Server 11 libkdecore4-32bit-4.1.3-8.21.1 as a component of SUSE Linux Enterprise Server 11 libkdecore4-x86-4.1.3-8.21.1 as a component of SUSE Linux Enterprise Server 11 kdelibs3-3.5.10-23.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 kdelibs3-32bit-3.5.10-23.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 kdelibs3-default-style-3.5.10-23.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 kdelibs3-default-style-32bit-3.5.10-23.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 kdelibs3-default-style-x86-3.5.10-23.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 kdelibs3-x86-3.5.10-23.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 kdelibs4-4.1.3-8.21.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 kdelibs4-core-4.1.3-8.21.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libkde4-4.1.3-8.21.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libkde4-32bit-4.1.3-8.21.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libkde4-x86-4.1.3-8.21.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libkdecore4-4.1.3-8.21.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libkdecore4-32bit-4.1.3-8.21.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libkdecore4-x86-4.1.3-8.21.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. CVE-2009-1725 SUSE Linux Enterprise Server 11:kdelibs3-3.5.10-23.30.1 SUSE Linux Enterprise Server 11:kdelibs3-32bit-3.5.10-23.30.1 SUSE Linux Enterprise Server 11:kdelibs3-default-style-3.5.10-23.30.1 SUSE Linux Enterprise Server 11:kdelibs3-default-style-32bit-3.5.10-23.30.1 SUSE Linux Enterprise Server 11:kdelibs3-default-style-x86-3.5.10-23.30.1 SUSE Linux Enterprise Server 11:kdelibs3-x86-3.5.10-23.30.1 SUSE Linux Enterprise Server 11:kdelibs4-4.1.3-8.21.1 SUSE Linux Enterprise Server 11:kdelibs4-core-4.1.3-8.21.1 SUSE Linux Enterprise Server 11:libkde4-4.1.3-8.21.1 SUSE Linux Enterprise Server 11:libkde4-32bit-4.1.3-8.21.1 SUSE Linux Enterprise Server 11:libkde4-x86-4.1.3-8.21.1 SUSE Linux Enterprise Server 11:libkdecore4-4.1.3-8.21.1 SUSE Linux Enterprise Server 11:libkdecore4-32bit-4.1.3-8.21.1 SUSE Linux Enterprise Server 11:libkdecore4-x86-4.1.3-8.21.1 SUSE Linux Enterprise Server for SAP Applications 11:kdelibs3-3.5.10-23.30.1 SUSE Linux Enterprise Server for SAP Applications 11:kdelibs3-32bit-3.5.10-23.30.1 SUSE Linux Enterprise Server for SAP Applications 11:kdelibs3-default-style-3.5.10-23.30.1 SUSE Linux Enterprise Server for SAP Applications 11:kdelibs3-default-style-32bit-3.5.10-23.30.1 SUSE Linux Enterprise Server for SAP Applications 11:kdelibs3-default-style-x86-3.5.10-23.30.1 SUSE Linux Enterprise Server for SAP Applications 11:kdelibs3-x86-3.5.10-23.30.1 SUSE Linux Enterprise Server for SAP Applications 11:kdelibs4-4.1.3-8.21.1 SUSE Linux Enterprise Server for SAP Applications 11:kdelibs4-core-4.1.3-8.21.1 SUSE Linux Enterprise Server for SAP Applications 11:libkde4-4.1.3-8.21.1 SUSE Linux Enterprise Server for SAP Applications 11:libkde4-32bit-4.1.3-8.21.1 SUSE Linux Enterprise Server for SAP Applications 11:libkde4-x86-4.1.3-8.21.1 SUSE Linux Enterprise Server for SAP Applications 11:libkdecore4-4.1.3-8.21.1 SUSE Linux Enterprise Server for SAP Applications 11:libkdecore4-32bit-4.1.3-8.21.1 SUSE Linux Enterprise Server for SAP Applications 11:libkdecore4-x86-4.1.3-8.21.1 critical 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C