CVE-2009-2199

Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via unspecified homoglyphs.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*
cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.1:beta:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*
cpe:2.3:h:apple:ipod_touch:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:04

Type Values Removed Values Added
References () http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html - Patch, Vendor Advisory () http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html - Patch, Vendor Advisory
References () http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html - () http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html -
References () http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html - () http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html -
References () http://secunia.com/advisories/36677 - Vendor Advisory () http://secunia.com/advisories/36677 - Vendor Advisory
References () http://secunia.com/advisories/43068 - Vendor Advisory () http://secunia.com/advisories/43068 - Vendor Advisory
References () http://support.apple.com/kb/HT3733 - Patch, Vendor Advisory () http://support.apple.com/kb/HT3733 - Patch, Vendor Advisory
References () http://support.apple.com/kb/HT3860 - () http://support.apple.com/kb/HT3860 -
References () http://www.securityfocus.com/bid/36026 - Patch () http://www.securityfocus.com/bid/36026 - Patch
References () http://www.securitytracker.com/id?1022719 - () http://www.securitytracker.com/id?1022719 -
References () http://www.vupen.com/english/advisories/2011/0212 - Vendor Advisory () http://www.vupen.com/english/advisories/2011/0212 - Vendor Advisory

09 Aug 2022, 13:48

Type Values Removed Values Added
CPE cpe:2.3:h:apple:iphone:*:*:*:*:*:*:*:*

Information

Published : 2009-08-12 19:30

Updated : 2024-11-21 01:04


NVD link : CVE-2009-2199

Mitre link : CVE-2009-2199

CVE.ORG link : CVE-2009-2199


JSON object : View

Products Affected

apple

  • iphone_os
  • safari
  • ipod_touch