CVE-2009-0137 Information

Description

Multiple unspecified vulnerabilities in Safari RSS in Apple Mac OS X 10.4.11 and 10.5.6 and Windows XP and Vista allow remote attackers to execute arbitrary JavaScript in the local security zone via a crafted feed: URL related to \input validation issues.\

Reference

http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.apple.com/archives/security-announce/2009/Feb/msg00001.html http://support.apple.com/kb/HT3438