Safari RSS Reader Vulnerability

In 2006 I gave a talk at Black Hat on the risks of RSS vulnerabilities. It appears Safari has a flaw in its RSS reader, as outlined by Brian Mastenbrook.

"The original version of this page contained a simple workaround for
this issue which I believed would protect users against this problem. I
have since discovered (on 13 January 2009) that changing the default
RSS feed reader application in Safari does not correctly disassociate
Safari from all RSS feed URLs. The workaround section of this post has
been updated with additional information. I regret that what initially
appeared to be a simple workaround is now substantially more
complicated and requires the installation of third-party software to
perform.

I have discovered that Apple's Safari browser is vulnerable to an
attack that allows a malicious web site to read files on a user's hard
drive without user intervention. This can be used to gain access to
sensitive information stored on the user's computer, such as emails,
passwords, or cookies that could be used to gain access to the user's
accounts on some web sites. The vulnerability has been acknowledged by
Apple.

All users of Mac OS X 10.5 Leopard who have not performed the
workaround steps listed below are affected, regardless of whether they
use any RSS feeds. Users of previous versions of Mac OS X are not
affected."

Read More: http://brian.mastenbrook.net/display/27
RSS Security Whitepaper: http://www.cgisecurity.com/papers/HackingFeeds.pdf
Blackhat Slides: http://www.cgisecurity.com/papers/RSS-Security.ppt