Vulnerabilities > CVE-2009-1042 - Remote Code Execution vulnerability in Apple Safari
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| OS | 1 |
References
- http://blogs.zdnet.com/security/?p=2934
- http://cansecwest.com/index.html
- http://dvlabs.tippingpoint.com/blog/2009/02/25/pwn2own-2009
- http://dvlabs.tippingpoint.com/blog/2009/03/18/pwn2own-2009-day-1---safari-internet-explorer-and-firefox-taken-down-by-four-zero-day-exploits
- http://news.cnet.com/8301-1009_3-10199652-83.html
- http://osvdb.org/52888
- http://twitter.com/tippingpoint1/status/1351485521
- http://www.h-online.com/security/Pwn2Own-2009-Safari-IE-8-and-Firefox-exploited--/news/112889
- http://www.securityfocus.com/bid/34183
- http://www.securitytracker.com/id?1021879
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49388