CVE-2008-0298

Apple Safari - Improper Input Validation

Title source: rule

Description

KHTML WebKit as used in Apple Safari 2.x allows remote attackers to cause a denial of service (browser crash) via a crafted web page, possibly involving a STYLE attribute of a DIV element.

Exploits (1)

exploitdb WORKING POC VERIFIED

by David Barroso · htmldososx

https://www.exploit-db.com/exploits/31021

View Code ZIP pw:eip

References (5)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/39635

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/486202/100/0/threaded

[Exploit] http://www.s21sec.com/avisos/s21sec-039-en.txt

[Third Party Advisory] http://securityreason.com/securityalert/3549

[Exploit] http://www.securityfocus.com/bid/27261

Scores

EPSS 0.0593

EPSS Percentile 90.7%

Details

CWE

CWE-20

Status published

Products (5)

apple/safari 2.0

apple/safari 2.0.1

apple/safari 2.0.2

apple/safari 2.0.3

apple/safari 2.0.4

Published Jan 16, 2008

Tracked Since Feb 18, 2026