Safari 1.3 allows remote malicious users to cause a denial of service (application crash) via a long https URL that triggers a NULL pointer dereference.
apple safari 1.3