Apple Safari 2.0.2 allows remote malicious users to cause a denial of service (system slowdown) via a Javascript BODY onload event that calls the window function.
apple safari 2.0.2