The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to an URL spoofing vulnerability. A flaw is present in the application, which fails to properly handle a cross-origin attack. Successful exploitation could allow attackers to spoof the URL.