The host is installed with Microsoft PowerPoint 2007 and is prone to remote code execution vulnerability. A flaw is present in the application, which appends an uninitialized object to a list while parsing an external object and accessing a method that does not exists when this object is destroyed during document close (WM_DESTROY). Successful exploitation allows remote attackers to execute code under the context of the application.