Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2008-0298 — Improper Input Validation in Apple Safari
Severity
4.3MEDIUMNVD
EPSS
5.9%
top 9.36%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
Timeline
PublishedJan 16
Latest updateMay 1
Description
KHTML WebKit as used in Apple Safari 2.x allows remote attackers to cause a denial of service (browser crash) via a crafted web page, possibly involving a STYLE attribute of a DIV element.
CVSS vector
AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9