CVE-2010-0045
Apple Safari before 4.0.5 on Windows does not properly validate external URL schemes, which allows remote attackers to open local files and execute arbitrary code via a crafted HTML document.
Date published : 2010-03-12
http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html