CVE - CVE-2009-0153

CVE-ID
CVE-2009-0153	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Fedora 9 and 10, and possibly other operating systems, does not properly handle invalid byte sequences during Unicode conversion, which might allow remote attackers to conduct cross-site scripting (XSS) attacks.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
APPLE:APPLE-SA-2009-05-12 URL:http://lists.apple.com/archives/security-announce/2009/May/msg00002.html APPLE:APPLE-SA-2009-06-08-1 URL:http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html APPLE:APPLE-SA-2009-06-17-1 URL:http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html BID:34926 URL:http://www.securityfocus.com/bid/34926 BID:34974 URL:http://www.securityfocus.com/bid/34974 CERT:TA09-133A URL:http://www.us-cert.gov/cas/techalerts/TA09-133A.html CONFIRM:http://bugs.icu-project.org/trac/ticket/5691 CONFIRM:http://support.apple.com/kb/HT3549 CONFIRM:http://support.apple.com/kb/HT3613 CONFIRM:http://support.apple.com/kb/HT3639 CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=503071 FEDORA:FEDORA-2009-6121 URL:https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00336.html FEDORA:FEDORA-2009-6273 URL:https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00478.html OVAL:oval:org.mitre.oval:def:11366 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11366 REDHAT:RHSA-2009:1122 URL:http://www.redhat.com/support/errata/RHSA-2009-1122.html SECUNIA:35074 URL:http://secunia.com/advisories/35074 SECUNIA:35379 URL:http://secunia.com/advisories/35379 SECUNIA:35436 URL:http://secunia.com/advisories/35436 SECUNIA:35498 URL:http://secunia.com/advisories/35498 SECUNIA:35584 URL:http://secunia.com/advisories/35584 VUPEN:ADV-2009-1297 URL:~~http://www.vupen.com/english/advisories/2009/1297~~ (Obsolete source) VUPEN:ADV-2009-1522 URL:~~http://www.vupen.com/english/advisories/2009/1522~~ (Obsolete source) VUPEN:ADV-2009-1621 URL:~~http://www.vupen.com/english/advisories/2009/1621~~ (Obsolete source) XF:macos-icu-security-bypass(50488) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/50488
Assigning CNA
MITRE Corporation
Date Record Created
20090116	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20090116)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)