The host is missing a security update according to Apple advisory, APPLE-SA-2009-09-22-1. The update is required to fix a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a maliciously crafted .pls file. Successful exploitation could allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .pls file.