QwikSec

Security Database

CVE

CWE

Training

CVE-2009-0153

Published: May 13, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Fedora 9 and 10, and possibly other operating systems, does not properly handle invalid byte sequences during Unicode conversion, which might allow remote attackers to conduct cross-site scripting (XSS) attacks.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://support.apple.com/kb/HT3639

x_refsource_CONFIRM

vdb-entry

x_refsource_VUPEN

http://support.apple.com/kb/HT3549

x_refsource_CONFIRM

APPLE-SA-2009-06-08-1

vendor-advisory

x_refsource_APPLE

vendor-advisory

x_refsource_REDHAT

third-party-advisory

x_refsource_SECUNIA

macos-icu-security-bypass(50488)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_VUPEN

vdb-entry

x_refsource_BID

APPLE-SA-2009-06-17-1

vendor-advisory

x_refsource_APPLE

APPLE-SA-2009-05-12

vendor-advisory

x_refsource_APPLE

http://bugs.icu-project.org/trac/ticket/5691

x_refsource_CONFIRM

FEDORA-2009-6121

vendor-advisory

x_refsource_FEDORA

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_BID

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_CERT

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_VUPEN

https://bugzilla.redhat.com/show_bug.cgi?id=503071

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

http://support.apple.com/kb/HT3613

x_refsource_CONFIRM

FEDORA-2009-6273

vendor-advisory

x_refsource_FEDORA

oval:org.mitre.oval:def:11366

vdb-entry

signature

x_refsource_OVAL

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.