PDA

View Full Version : USN-676-1: WebKit vulnerability



rss-bot
November 24th, 2008, 06:50 PM
Referenced CVEs:
CVE-2008-3632


Description:
================================================== ========= Ubuntu Security Notice USN-676-1 November 24, 2008 webkit vulnerability CVE-2008-3632 ================================================== ========= A security issue affects the following Ubuntu releases: Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.10: libwebkit-1.0-1 1.0.1-2ubuntu0.1 After a standard system upgrade you need to restart any applications that use WebKit, such as Epiphany-webkit and Midori, to effect the necessary changes. Details follow: It was discovered that WebKit did not properly handle Cascading Style Sheets (CSS) import statements. If a user were tricked into opening a malicious website, an attacker could cause a browser crash and possibly execute arbitrary code with user privileges.





More... (http://www.ubuntu.com/usn/USN-676-1)