Hackvertor

**Name of the Vulnerable Software and Affected Versions** Apple Safari for Windows versions 3.0.3 and earlier **Description** The issue allows remote attackers to bypass the Same Origin Policy, enabling access from local zones to external domains. This is achieved via a certain `body.innerHTML` property value, which facilitates a classic JavaScript frame hijacking attack. **Recommendations** For Apple Safari for Windows versions 3.0.3 and earlier, update to a version later than 3.0.3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple Safari version 2.0.4 **Description** A cross-domain issue allows remote attackers to access restricted information from other domains via Javascript. This can be achieved through a js script that accesses the location information of cross-domain web pages, possibly involving `setTimeout` and timed events. **Recommendations** For Apple Safari version 2.0.4, consider disabling Javascript execution for cross-domain requests as a temporary workaround until a patch is available. Restrict access to sensitive information to minimize the risk of exploitation.