CVE-2009-1724 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2009-1724 Interim 1 3 2021-06-09T08:49:52Z current 2021-05-30T12:47:11Z 2021-06-09T08:49:52Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2009-1724 Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html E-Mail link for SUSE-SR:2011:002 https://lists.opensuse.org/opensuse-updates/2011-01/msg00013.html E-Mail link for openSUSE-SU-2011:0024-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects. CVE-2009-1724 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N