CVE-2009-1699 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2009-1699?

CVE-2009-1699 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2009-1699?

Check the references section above for vendor advisories and patch information. Affected products include: Apple Safari, Apple Iphone Os, Canonical Ubuntu Linux, Opensuse Opensuse.

Vulnerability Description

The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read arbitrary files via a crafted DTD, as demonstrated by a file:///etc/passwd URL in an entity declaration, related to an "XXE attack."

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Apple	Safari	< 4.0
Apple	Iphone Os	>= 1.0.0, <= 2.2.1
Canonical	Ubuntu Linux	8.10
Opensuse	Opensuse	11.2

Related Weaknesses (CWE)

CWE-611

References

http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.htmlMailing List
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.htmlBroken LinkMailing ListPatch
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlMailing List
http://osvdb.org/54972Broken Link
http://scary.beasts.org/security/CESA-2009-006.htmlExploit
http://scarybeastsecurity.blogspot.com/2009/06/apples-safari-4-fixes-local-file-Exploit
http://secunia.com/advisories/35379Broken LinkVendor Advisory
http://secunia.com/advisories/43068Broken Link
http://support.apple.com/kb/HT3613PatchVendor Advisory
http://support.apple.com/kb/HT3639Vendor Advisory
http://www.securityfocus.com/bid/35260Broken LinkExploitThird Party Advisory
http://www.securityfocus.com/bid/35321Broken LinkThird Party AdvisoryVDB Entry
http://www.ubuntu.com/usn/USN-857-1Third Party Advisory
http://www.vupen.com/english/advisories/2009/1522Broken LinkPatchVendor Advisory
http://www.vupen.com/english/advisories/2009/1621Broken Link

FAQ

What is CVE-2009-1699?

CVE-2009-1699 is a vulnerability with a CVSS score of 7.5 (HIGH). The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, whic...

How severe is CVE-2009-1699?

CVE-2009-1699 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2009-1699?

Check the references section above for vendor advisories and patch information. Affected products include: Apple Safari, Apple Iphone Os, Canonical Ubuntu Linux, Opensuse Opensuse.