Zero Day Initiative Advisory 09-022 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists during the parsing of malformed SVGLists via the SVGPathList data structure, the following lists are affected: SVGTransformList, SVGStringList, SVGNumberList, SVGPathSegList, SVGPointList, SVGLengthList. When a negative index argument is suppled to the insertItemBefore() method, a memory corruption occurs resulting in the ability to execute arbitrary code.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/77670/ZDI-09-022.txt
Source: https://packetstormsecurity.com/files/77670/Zero-Day-Initiative-Advisory-09-022.html