"These vulnerabilities are so far are not known to be actively exploited; however, if done, they could allow an attacker to run malicious software and conduct spoofing attacks on those using the browser," writes CNET News' Topher Kessler.
"Secunia apparently contacted Apple regarding its findings, but following little or no response from Apple has followed the guidelines of its disclosure policy and made the information on these exploits public," Kessler writes.
Go to "Danish firm outlines two unpatched Safari vulnerabilities" to read the details.https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=i
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.