URL address bar spoofing in the Windows Safari 3 Beta, and cross domain request flaws allowing JavaScript to modify sites outside of the original domain.

WebCore and WebKit vulnerabilities may lead to arbitrary code execution or application crashes due to poor handling of XMLHttpRequest requests and poor frame handling.

Description:

Several vulnerabilities affecting Safari, WebCore, and WebKit have been patched by Apple in a cumulative update for the Safari 3 Beta release for both Windows and OS X. In the worst case, these vulnerabilities could allow a malicious attacker to take control of a vulnerable system by tricking a victim into visiting a malicious site.

It should be noted that the vulnerabilities from Security Update 2007-006 also apply to the Windows Safari 3 Beta installations, and will be installed alongside the updates to Safari.

Mitigation:

Apply Safari Beta Update 3.0.2 at the earliest opportunity. Users who have not applied Security Update 2007-006 will also find that it is applied alongside the Safari beta update.

Updates:

http://www.apple.com/safari/download/

Source:

http://www.apple.com/safari/download/

Exploits:

CVE-ID: CVE-2007-2398 CVE-ID: CVE2007-2400