Alerts This Week
Warning Icon 1 681
Alerts This Week
Warning Icon 1 681

Ubuntu 8.10 USN-676-1 Critical: WebKit Code Execution Risk

Calendar Nov 24, 2008 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory critical code execution ubuntu browser crash webkit css import
It was discovered that WebKit did not properly handle Cascading Style Sheets (CSS) import statements. If a user were tricked into opening a malicious website, an attacker could cause a browser crash and possibly execute arbitrary code with user privileges. 
==========================================================Ubuntu Security Notice USN-676-1          November 24, 2008
webkit vulnerability
CVE-2008-3632
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
  libwebkit-1.0-1                 1.0.1-2ubuntu0.1

After a standard system upgrade you need to restart any applications that
use WebKit, such as Epiphany-webkit and Midori, to effect the necessary
changes.

Details follow:

It was discovered that WebKit did not properly handle Cascading Style Sheets
(CSS) import statements. If a user were tricked into opening a malicious
website, an attacker could cause a browser crash and possibly execute
arbitrary code with user privileges.


Updated packages for Ubuntu 8.10:

  Source archives:

          Size/MD5:    21219 e7f04089c687141f512cb5066d1a1c30
          Size/MD5:     1538 23427df68878b3540e082d778cf74ed2
          Size/MD5: 13418752 4de68a5773998bea14e8939aa341c466

  Architecture independent packages:

          Size/MD5:    33888 3d3e394977eb1a52a81694786831075b

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5: 62588488 b87a1a306e88f330a034de2374f08998
          Size/MD5:  3498192 08f5383449a42b900a7a541a50f309d7

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5: 62196494 3b3c6e6c871e45ebda20daeb377c261b
          Size/MD5:  3012354 f1528e6e6dedd94de7cf80bc8cf00c83

  lpia architecture (Low Power Intel Architecture):

          Size/MD5: 62283008 74002deca41e5eb530475b1b8162948c
          Size/MD5:  2965064 a7e3b539e899ad5b1fae915f9da5fce2

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5: 64792472 dcaf2d61a355ef62a6bdc423aa68bbe2
          Size/MD5:  3291430 50b79b1e9dfd831cd4fb3ffeb6342ec8

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5: 63702930 9a411dc78d88cdeadf1e105eafa84b31
          Size/MD5:  3495810 b945ea2113760479bdc8be11aafe0272

Ubuntu 8.10 USN-676-1 Critical: WebKit Code Execution Risk

ubuntu
Calendar Grey November 24, 2008
Dist Ubuntu Esm H88
Debian Security Advisory DSA-1234-1 addresses a critical vulnerability in OpenSSL that could lead to denial-of-service attacks and unauthorized access.
It was discovered that WebKit did not properly handle Cascading Style Sheets (CSS) import statements

Summary

Topics%20covered

Topics Covered

security advisory critical code execution ubuntu browser crash webkit css import

Update Instructions

References

Severity
critical
Lowest
Low
Medium
High
Critical

webkit vulnerability

Topics%20covered

Topics Covered

security advisory critical code execution ubuntu browser crash webkit css import

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here