The host is installed with Google Chrome before 16.0.912.77 or Apple Tunes before 10.7 and is prone to use-after-free vulnerability. A flaw is present in the application, which fails to handle vectors related to DOM selections. Successful exploitation could allow remote attackers to execute arbitrary code or crash the service.