mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
943 B
943 B
CVE-2009-1725
Description
WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
POC
Reference
- https://bugzilla.redhat.com/show_bug.cgi?id=513813
- https://bugzilla.redhat.com/show_bug.cgi?id=513813
Github
No PoCs found on GitHub currently.