[原文]Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allows remote attackers to (1) execute arbitrary code via the ProxyCommand option or (2) conduct port forwarding via the -R option.
Mac OS X contains a flaw that may allow a remote attacker to execute arbitrary code. The issue is triggered when a malicious ssh:// URI is received. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.
Upgrade to version 10.3.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.