CVE-2009-2196
Unspecified vulnerability in Apple Safari 4 before 4.0.3 allows remote web servers to place an arbitrary web site in the Top Sites view, and possibly conduct phishing attacks, via unknown vectors.
Date published : 2009-08-12
http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html