The host is installed with Google Chrome before 17.0.963.46 or Apple Tunes before 10.7 and is prone to use-after-free vulnerability. A flaw is present in the application, which fails in error handling for Cascading Style Sheets (CSS) token-sequence data. Successful exploitation allows remote attackers to cause a denial of service.