Safari is a web browser for Mac OS X and Windows.
Apple Safari 4.0.5 for Windows (and probably earlier) allows remote attackers to execute arbitrary code by enticing the user to open a crafted HTML document. The crafted HTML page can create a pop-up window using the window.open() method, and then call the parent window's window.close() method, thereby triggering the vulnerability due to an invalid pointer.
Exploit works on Apple Safari 4.0.5 for Windows.
The exploit web page must be the first page loaded into the Apple Safari browser instance on the target.
Pop-Up windows must be enabled on the target Apple Safari browser, i.e., disable the pop-up blocker.
The vulnerability is triggered when the user closes the pop-up window with [Alt + F4]. It may take a longer time than normal to establish the shell session.