VUPEN Vulnerability Research Team discovered a vulnerability in Apple Safari. The flaw is caused by an integer overflow error in ColorSync when processing certain images with an embedded color profile, which could be exploited by attackers to potentially execute arbitrary code via a specially crafted web page. Versions prior to 4.0.5 are vulnerable.
1454146e26d567984838853c1c4bc7c4c8efcfed722cfe6ecf6f1efd3325fa64