Secunia has documented a possible exploit in Apple’s Safari Web browser. The company has rated the exploit as extremely critical. Known as "Mac OS X “__MACOSX” ZIP Archive Shell Script Execution", the exploit stems from a preference setting in the Safari Web browser which can lead to the execution of a malicious shell script, renamed to a "safe" extension in a ZIP archive.
That preference allows the Mac to automatically open “safe” files after downloading them. So-called safe files include movies, pictures, sounds, PDF and text documents, disk images and other archives.
If a shell script is renamed to appear as a “safe” extension to Safari, systems that have this preference turned on can automatically execute the script — and this can be exploited by someone with malicious intentions, according to Secunia.