Apple Safari 3.0.1 beta (522.12.12) on Windows allows remote attackers to modify the window title and address bar while filling the main window with arbitrary content by setting the location bar and using setTimeout() to create an event that modifies the window content, which could facilitate phishing attacks.
archives.neohapsis.com/archives/fulldisclosure/2007-06/0311.html
lists.apple.com/archives/Security-announce/2007/Jun/msg00004.html
lists.apple.com/archives/security-announce/2008/Apr/msg00001.html
osvdb.org/38862
support.apple.com/kb/HT1467
www.securityfocus.com/archive/1/471452/100/0/threaded
www.securityfocus.com/archive/1/471454/100/0/threaded
www.securityfocus.com/bid/24484
www.securitytracker.com/id?1018282
www.vupen.com/english/advisories/2007/2316
www.vupen.com/english/advisories/2008/0979/references
exchange.xforce.ibmcloud.com/vulnerabilities/35050