Apple WebCore XMLHTTPRequest Cross-Site Scripting Vulnerability

Apple WebCore XMLHTTPRequest Cross-Site Scripting Vulnerability

Solution:
The vendor has provided fixes to address this issue. Please see the references for more information.

Apple security advisory APPLE-SA-2007-07-31 iPhone v1.0.1 Update is available.

Note that the iPhone update is available only through iTunes; it will not be available through the Software Update application or the Apple Downloads site. The update is automatically detected and downloaded by iTunes -- the user will be asked to install the update when the iPhone is docked.

Apple Safari 3.0.1 Beta for Windows

Apple Safari302Beta.dmg
http://www.apple.com/safari/download/Safari302Beta.dmg

Apple SafariSetup.exe
Safari 3 Beta Update 3.0.2 for Windows XP or Vista
http://www.apple.com/safari/download/SafariSetup.exe