Secunia issues Safari vulnerability advisory

Security company Security issued a "moderately critical" security advisory this week for Safari v1.2.4. According to the advisory, "a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website." The current solution -- actually just a temporary workaround until this vulnerability is fixed -- is listed as "Do not browse untrusted sites while browsing trusted sites."

Resources