The remote host is missing an update to vlc announced via advisory DSA 2257-1.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202257-1

Rocco Calvi discovered that the XSPF playlist parser of vlc, a multimedia player and streamer, is prone to an integer overflow resulting in a heap-based buffer overflow. This might allow an attacker to execute arbitrary code by tricking a victim into opening a specially crafted file. The oldstable distribution (lenny) is not affected by this problem. For the stable distribution (squeeze), this problem has been fixed in version 1.1.3-1squeeze6. For the testing (wheezy) and unstable (sid) distributions, this problem will be fixed soon. We recommend that you upgrade your vlc packages.