Vulnerability Details : CVE-2009-1693
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to read images from arbitrary web sites via a CANVAS element with an SVG image, related to a "cross-site image capture issue."
Exploit prediction scoring system (EPSS) score for CVE-2009-1693
Probability of exploitation activity in the next 30 days: 0.48%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 73 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2009-1693
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:N |
8.6
|
4.9
|
NIST |
References for CVE-2009-1693
-
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
Patch;Vendor Advisory
-
http://support.apple.com/kb/HT3613
About the security content of Safari 4.0 - Apple SupportPatch;Vendor Advisory
-
http://www.vupen.com/english/advisories/2011/0212
Webmail | OVH- OVH
- http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
-
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
[security-announce] SUSE Security Summary Report: SUSE-SR:2011:002
-
http://www.securityfocus.com/bid/35331
-
http://www.vupen.com/english/advisories/2009/1522
Webmail: access your OVH emails on ovhcloud.com | OVHcloudPatch;Vendor Advisory
-
http://www.vupen.com/english/advisories/2009/1621
Webmail: access your OVH emails on ovhcloud.com | OVHcloud
-
http://www.securityfocus.com/bid/35260
Exploit;Patch
-
http://support.apple.com/kb/HT3639
About the security content of iOS 3.0 Software Update - Apple Support
- http://www.debian.org/security/2009/dsa-1950
Products affected by CVE-2009-1693
- cpe:2.3:a:apple:safari:*:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:*:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2.2:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.2:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1.2:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:0.8:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.3.2:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:2.0:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.3:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.4:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.1:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.2:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2.1:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2.3:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.0:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.0.3:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:2.0.2:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:2.0.4:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1.1:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.3:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.3.1:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:0.9:-:mac:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.2:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1.2:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.3:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.4:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.0.1:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.2.1:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1:-:windows:*:*:*:*:*
- cpe:2.3:a:apple:safari:3.1.1:-:windows:*:*:*:*:*