CVE-2008-0298

Publication date 16 January 2008

Last updated 24 July 2024

Description

KHTML WebKit as used in Apple Safari 2.x allows remote attackers to cause a denial of service (browser crash) via a crafted web page, possibly involving a STYLE attribute of a DIV element.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
webkit	8.10 intrepid	Not affected
	8.04 LTS hardy	Not affected
	7.10 gutsy	Not affected
	7.04 feisty	Not in release
	6.10 edgy	Not in release
	6.06 LTS dapper	Not in release

How can I get the fixes?
What do statuses mean?

Notes

mdeslaur

I can't find detailed info on this bug but: Safari 3 is not vulnerable, and webkit in gutsy is more recent Also, test exploit doesn't work in gutsy

References

MITRE
NVD
Launchpad
Debian

Other references

http://www.s21sec.com/avisos/s21sec-039-en.txt
https://www.cve.org/CVERecord?id=CVE-2008-0298