CVE-2009-0744

Name of the Vulnerable Software and Affected Versions Apple Safari version 4 Beta build 528.16

Description The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and application crash. This can be achieved by using a feeds: URI that begins with certain characters, including %, {, }, ^, `` , or |, followed by an & character.

Recommendations For Apple Safari version 4 Beta build 528.16, avoid using the feeds: URI with the specified characters until a fix is available. As a temporary workaround, consider restricting the use of feeds: URI to minimize the risk of exploitation.