Safari for Windows 4.0.5に任意のコードを実行される脆弱性が発見されたと、ノルウェーのセキュリティ企業Secuniaが報告しています。

Apple Safari "parent.close()" Code Execution Vulnerability - Advisories - Community コメントを見る コメントを見る

A vulnerability has been discovered in Apple Safari, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error in the handling of parent windows and can result in a function call using an invalid pointer. This can be exploited to execute arbitrary code when a user e.g. visits a specially crafted web page and closes opened pop-up windows.

The vulnerability is confirmed in Safari version 4.0.5 for Windows. Other versions may also be affected.


もっともSafari for Windows 4.0.5は脆弱性云々の前に自身がシステムにダメージを与える存在のような気もします。