Double Free Vulnerability in VLC Media Player Allows Remote Code Execution via Crafted TiVo File

Double Free Vulnerability in VLC Media Player Allows Remote Code Execution via Crafted TiVo File

CVE-2012-0023 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Double free vulnerability in the get_chunk_header function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TiVo (TY) file.

Learn more about our Web Application Penetration Testing UK.