Mac Security 2004-12-02 update is now available. Safari is updated:
Impact: Specially crafted HTML can display a misleading URI the Safari status bar.
Description: Safari could be tricked into displaying a URI in its status bar that was not the same as the destination of a link. This update corrects Safari so that it now displays the URI that will be activated when selected.
Impact: With multiple browser windows active Safari users could be mislead about which window activated a pop-up window.
Description: When multiple Safari windows are open, a carefully timed pop-up could mislead a user into thinking it was activated by a different site. In this update Safari now places a window that activates a pop-up in front of all other browser windows. Credit to Secunia Research for reporting this issue.
Posting from Safari 1.2.4 (v125.12).