CVE-2007-4431 Information

Description

Cross-domain vulnerability in Apple Safari for Windows 3.0.3 and earlier allows remote attackers to bypass the Same Origin Policy with access from local zones to external domains via a certain body.innerHTML property value aka \classic JavaScript frame hijacking.\

Reference

http://osvdb.org/46720 http://sla.ckers.org/forum/read.php?314151 http://www.0x000000.com/index.php?i=420 http://www.securityfocus.com/bid/25355 http://www.thespanner.co.uk/2007/08/17/safari-beta-zero-day/