The host is installed with VideoLAN VLC Media Player before 0.8.6g and is prone to untrusted search path vulnerability. A flaw is present in the application, which fails to handle a malicious library under the modules/ or plugins/ subdirectories of the current working directory. Successful exploitation allows local users to execute arbitrary code.