CVE-2012-0023

Description

Double free vulnerability in the get_chunk_header function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TiVo (TY) file.

Affected packages (1)

• Debian/vlcfrom 0, < 1.1.13-1

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-0023