APPLE-SA-2010-09-07-1 Safari 5.0.2 and Safari 4.1.2

http://support.apple.com/kb/HT4333

"Safari 5.0.2 and Safari 4.1.2 is now available and addresses the
following:

Safari
CVE-ID: CVE-2010-1805
Available for: Windows 7, Vista, XP SP2 or later
Impact: Opening a file in a directory that is writable by other
users may lead to arbitrary code execution

WebKit
CVE-ID: CVE-2010-1807
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later,
Windows 7, Vista, XP SP2 or later
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution

WebKit
CVE-ID: CVE-2010-1806
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later,
Windows 7, Vista, XP SP2 or later
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution

Safari 5.0.2 and Safari 4.1.2 address the same set of security
issues. Safari 5.0.2 is provided for Mac OS X v10.5, Mac OS X v10.6,
and Windows systems. Safari 4.1.2 is provided for
Mac OS X v10.4 systems.

Safari 5.0.2 is available via the Apple Software Update
application, or Apple's Safari download site at:
http://www.apple.com/safari/download/

Safari 4.1.2 is available via the Apple Software Update
application, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/

Safari for Mac OS X v10.6.2 and later
The download file is named: Safari5.0.2SnowLeopard.dmg
Its SHA-1 digest is: 695730a04038240c340571abf62c08f1ad5a8a5c

Safari for Mac OS X v10.5.8
The download file is named: Safari5.0.2Leopard.dmg
Its SHA-1 digest is: 3b71a553b53b8c22e0f4f21842f500ef5d6ed0e7

Safari for Mac OS X v10.4.11
The download file is named: Safari4.1.2Tiger.dmg
Its SHA-1 digest is: 35aafd64b4a74115469bc83dc390857b896197a3

Safari for Windows 7, Vista or XP
The download file is named: SafariSetup.exe
Its SHA-1 digest is: f15e3570e80a50abc0e200895d0b0492abc38386

Safari for Windows 7, Vista or XP from the Microsoft Choice Screen
The download file is named: Safari_Setup.exe
Its SHA-1 digest is: a3418d1a4199bcc308c059b7c2caf14a20277ebb

Safari+QuickTime for Windows 7, Vista or XP
The file is named: SafariQuickTimeSetup.exe
Its SHA-1 digest is: 15f2482ace01924f89ded25f988458f58b5a4fa3 "

It is recommended that Safari users update to the latest version to
avoid this vulnerability.

Thanks,
ep