The host is installed with VLC Media Player before 1.1.8 and is prone to arbitrary code execution vulnerability. A flaw is present in the application which is caused by a memory corruption error in the "libdirectx" plugin when processing malformed NSV data. Successful exploitation allows remote attacker to overflow a buffer and execute arbitrary code on the system or cause the application to crash.