The host is installed with Apple Safari before 4.0 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to prevent calls to the open-help-anchor URL handler by web sites. Successful exploitation could allow attackers to open arbitrary local help files, and execute arbitrary code or obtain sensitive information.