CVE-2009-1712

WebKit in Apple Safari before 4.0 does not prevent remote loading of local Java applets, which allows remote attackers to execute arbitrary code, gain privileges, or obtain sensitive information via an APPLET or OBJECT element.

Published: Jun 10, 2009
Updated: Apr 13, 2023
CVE: CVE-2009-1712
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-94

Affected Software
References

Software	From	Fixed in
apple / safari	1.1	1.1.x
apple / safari	1.3.1	1.3.1.x
apple / safari	3.2.3	3.2.3.x
apple / safari	2.0.2	2.0.2.x
apple / safari	3.1	3.1.x
apple / safari	3.1.2	3.1.2.x
apple / safari	3.0	3.0.x
apple / safari	0.8	0.8.x
apple / safari	2.0	2.0.x
apple / safari	3.0.4	3.0.4.x
apple / safari	0.9	0.9.x
apple / safari	3.0.3	3.0.3.x
apple / safari	1.3.2	1.3.2.x
apple / safari	1.2	1.2.x
apple / safari	-	4.0_beta.x
apple / safari	3.2.1	3.2.1.x
apple / safari	3.0.2	3.0.2.x
apple / safari	2.0.4	2.0.4.x
apple / safari	3.1.1	3.1.1.x
apple / safari	1.0.3	1.0.3.x
apple / safari	1.0	1.0.x
apple / safari	1.3	1.3.x
apple / safari	3.2	3.2.x
apple / safari	3.0.1	3.0.1.x
apple / safari	-	3.2.3.x
apple / safari	3.2.2	3.2.2.x

Vulnerability Database

289,697

CVE-2009-1712