Sometimes . . . we fail (shocking - I know, but bare with me please). 🙂
So a seceurity researcher who goes by the name Liu Die Yu seems to have unraveled the mystery of the recent Apple Safari carpet bomb fail that we released an advisory on and how it can be used to achieve the goal of running arbitrary code when combined with another "undisclosed" vulnerability - one that was apparently reported in 2006 by Aviv.
You can read all the gory details here: http://www.pcworld.com/businesscenter/article/146946/safari_carpet_bomb_attack_code_released.html
Sucks . . . securing the planet is like . . . hard and stuff.