The host is missing a security update according to Apple advisory, APPLE-SA-2014-10-22-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a crafted movie file, a crafted MIDI file or a crafted m4a file. Successful exploitation allows attackers to execute arbitrary code or cause unexpected application termination.