The host is installed with Apple Mac OS X 10.5.8 or 10.6 through 10.6.6 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted XBM image. Successful exploitation could allow attackers to execute arbitrary code or crash the service.