The host is installed with Object Linking and Embedding (OLE) Automation in Microsoft Windows XP SP3 and is prone to remote code execution vulnerability. A flaw is present in the application which fails to handle specially crafted request. Successful exploitation allows remote attackers to execute arbitrary code on the affected software via Windows Metafile (WMF) image.