From:
Secunia (secunia.com/advisories/30775/)
Rating:
Highly critical
Description:
Some vulnerabilities and a security issue have been reported in Apple Safari, which can be exploited by malicious people to disclose sensitive information or to compromise a user's system.
1) A boundary error within the handling of BMP and GIF images can be exploited to trigger an out-of-bounds read and disclose content in memory.
2) A security issue exists due to Safari automatically launching downloaded executable files from sites in a Internet Explorer 7 zone with the "Launching applications and unsafe files" option set to "Enable", or sites in the Internet Explorer 6 "Local intranet" or "Trusted sites" zone.
3) An unspecified error in the handling of Javascript arrays can be exploited to cause a memory corruption when a user visits a specially crafted web page.
Successful exploitation of this vulnerability may allow execution of arbitrary code.
The vulnerabilities are reported in Safari for Windows prior to version 3.1.2.
Solution:
Update to version 3.1.2.
apple.com/support/downloads/safari312forwindows.html
Or use the Apple Software Updater.