CVE-2012-0023

Published: Oct 30, 2012Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Double free vulnerability in the get_chunk_header function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TiVo (TY) file.

Affected (34)

Products: Videolan: Vlc Media Player

Videolan

1 product

Vlc Media Player

Configuration A

34 vulnerable

Vulnerable Software	Affected Versions
Videolan Vlc Media Player	Version 0.9.0
Videolan Vlc Media Player	Version 0.9.10
Videolan Vlc Media Player	Version 0.9.1
Videolan Vlc Media Player	Version 0.9.2
Videolan Vlc Media Player	Version 0.9.3
Videolan Vlc Media Player	Version 0.9.4
Videolan Vlc Media Player	Version 0.9.5
Videolan Vlc Media Player	Version 0.9.6
Videolan Vlc Media Player	Version 0.9.8a
Videolan Vlc Media Player	Version 0.9.9
Videolan Vlc Media Player	Version 0.9.9a
Videolan Vlc Media Player	Version 1.0.0
Videolan Vlc Media Player	Version 1.0.1
Videolan Vlc Media Player	Version 1.0.2
Videolan Vlc Media Player	Version 1.0.3
Videolan Vlc Media Player	Version 1.0.4
Videolan Vlc Media Player	Version 1.0.5
Videolan Vlc Media Player	Version 1.0.6
Videolan Vlc Media Player	Version 1.1.0
Videolan Vlc Media Player	Version 1.1.10.1
Videolan Vlc Media Player	Version 1.1.10
Videolan Vlc Media Player	Version 1.1.11
Videolan Vlc Media Player	Version 1.1.12
Videolan Vlc Media Player	Version 1.1.1
Videolan Vlc Media Player	Version 1.1.2
Videolan Vlc Media Player	Version 1.1.3
Videolan Vlc Media Player	Version 1.1.4.1
Videolan Vlc Media Player	Version 1.1.4
Videolan Vlc Media Player	Version 1.1.5
Videolan Vlc Media Player	Version 1.1.6.1
Videolan Vlc Media Player	Version 1.1.6
Videolan Vlc Media Player	Version 1.1.7
Videolan Vlc Media Player	Version 1.1.8
Videolan Vlc Media Player	Version 1.1.9