The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to arbitrary code execution vulnerability. A flaw is present in the application which fails to handle libxslt security settings in webKit. Successful exploitation allows remote attackers to create arbitrary files, and consequently execute arbitrary code.