The host is installed with Google Chrome before 16.0.912.63 or Apple iTunes before 10.6 or Apple Safari before 5.1.4 and is prone to an out-of-bounds read vulnerability. A flaw is present in the applications, which fail to handle SVG parsing. Successful exploitation could allow attackers to crash the service.