AppleWebKit XMLHttpRequest arbitrary file disclosure - Apple Safari 1.2+, Apple RSS 2.0 pre-release, OmniGroup OmniWeb 5.1+, as well as other software based on a common engine, are vulnerable to malicious webservers attacking them and retrieving information (arbitrary files on disk).
0ea575297839fdac0e3654c2488db5abe193e71540f91deb28ffc4cd0bd4c886