CVE-2012-0023

Name of the Vulnerable Software and Affected Versions VideoLAN VLC media player versions 0.9.0 through 1.1.12

Description The issue is related to a double free vulnerability in the get chunk header function. This vulnerability allows remote attackers to cause a denial of service, resulting in the application crashing, and possibly execute arbitrary code via a crafted TiVo file.

Recommendations For versions 0.9.0 through 1.1.12, consider updating to a version that contains a fix for this issue, as using a crafted TiVo file could lead to a denial of service or arbitrary code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.