The host is installed with VideoLAN VLC media player before 2.0.5 and is prone to buffer overflow vulnerability. The flaw is present in the ASF Demuxer (modules/demux/asf/asf.c), which fails to handle a crafted ASF movie that triggers an out-of-bounds read. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service.