CVE-2009-1687

Name	CVE-2009-1687
Description	The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle allocation failures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document that triggers write access to an "offset of a NULL pointer."
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-1867-1, DSA-1868-1, DSA-1950-1, DSA-1988-1
Debian Bugs	534946, 534952

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
kde4libs (PTS)	jessie, jessie (lts)	4:4.14.2-5+deb8u3	fixed
	stretch (lts), stretch	4:4.14.26-2+deb9u1	fixed
	buster	4:4.14.38-3	fixed
qt4-x11 (PTS)	jessie, jessie (lts)	4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u5	fixed
	stretch (security)	4:4.8.7+dfsg-11+deb9u3	fixed
	stretch (lts), stretch	4:4.8.7+dfsg-11+deb9u4	fixed
	buster (security), buster, buster (lts)	4:4.8.7+dfsg-18+deb10u2	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
kde4libs	source	lenny	4:4.1.0-3+lenny1		DSA-1868-1
kde4libs	source	(unstable)	4:4.3.0-1
kdelibs	source	etch	4:3.5.5a.dfsg.1-8etch2		DSA-1867-1
kdelibs	source	lenny	4:3.5.10.dfsg.1-0lenny2		DSA-1867-1
kdelibs	source	(unstable)	4:3.5.10.dfsg.1-2.1			534952
qt4-x11	source	etch	(not affected)
qt4-x11	source	lenny	4.4.3-1+lenny1		DSA-1988-1
qt4-x11	source	(unstable)	4:4.5.2-1	medium		534946
webkit	source	lenny	1.0.1-4+lenny2		DSA-1950-1
webkit	source	(unstable)	1.1.5-1	medium		534946

http://trac.webkit.org/changeset/41854
[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)