CVE-2008-2307
Published: 23 June 2008
Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac OS X before 10.5.4, and standalone for Windows and Mac OS X 10.4, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors involving JavaScript arrays that trigger memory corruption.
Notes
Author | Note |
---|---|
mdeslaur | qt4-x11 doesn't look vulnerable (code is different) |
Priority
Status
Package | Release | Status |
---|---|---|
webkit Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
feisty |
Does not exist
|
|
gutsy |
Ignored
(end of life, was needs-triage)
|
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Not vulnerable
(1.0.1-2)
|
|
jaunty |
Not vulnerable
(1.0.1-4)
|
|
karmic |
Not vulnerable
(1.0.1-4)
|
|
lucid |
Not vulnerable
(1.0.1-4)
|
|
maverick |
Not vulnerable
(1.0.1-4)
|
|
natty |
Not vulnerable
(1.0.1-4)
|
|
upstream |
Needs triage
|
|
Patches: upstream: http://trac.webkit.org/changeset/34204 |