The host is installed with VideoLAN VLC Media Player before 0.8.6f and is prone to a stack-based buffer overflow vulnerability. The flaw is present in the application, which does not properly handle a long subtitle in an SSA file. Successful exploitation allows remote attackers to cause a denial of service (crash).