VUPEN Vulnerability Research Team discovered a vulnerability in Apple Safari. The flaw is caused by an integer overflow error in ColorSync when processing certain images with an embedded color profile, which could be exploited by attackers to potentially execute arbitrary code via a specially crafted web page. Versions prior to 4.0.5 are vulnerable.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/87200/vupensafari-overflow.txt
Source: https://packetstormsecurity.com/files/87200/Apple-Safari-ColorSync-Profile-Integer-Overflow.html