Buffer overflow in Apple Safari 3.0.2 on Windows XP SP2 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long value in the title HTML tag, which triggers the overflow when the user adds the page as a bookmark.
https://exchange.xforce.ibmcloud.com/vulnerabilities/35030
http://www.vupen.com/english/advisories/2007/2340
http://www.securityfocus.com/bid/24619