WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving HTML object outlines.
Webkit on Apple Safari versions prior to 4.1.2 and 5.0.2 and Google Chrome versions prior to 5.0.375.125 suffers from a memory corruption vulnerability.