The host is installed wit Apple Safari before 5.0.4 and is prone to cross-domain script-injection vulnerability. A flaw is present in the application which fails to properly handle Attr.style accessor. Successful exploitation allows remote attacker to execute arbitrary script code.