Summary : Heap corruption in VLC TiVo demuxer Date : December 2011 Affected versions : VLC media player 1.1.12 down to 0.9.0 ID : VideoLAN-SA-1108 CVE reference : CVE-2012-0023
When parsing the header of an invalid TY file, the heap might be corrupted.
If successful, a malicious third party could crash the VLC media player process. Arbitrary code execution might be possible on some systems, though this is unconfirmed.
Exploitation of this issue requires the user to explicitly open a specially crafted file.
The user should refrain from opening files from untrusted third parties or accessing untrusted remote sites (or disable the VLC browser plugins), until the patch is applied.
Alternatively, the TY demux plugin (
can be removed manually from the VLC plugin installation directory.
This will prevent opening of TiVo files.
VLC media player 1.1.13 addresses this issue. Patches for older versions are available from the official VLC source code repository vlc-1.1.git.
This vulnerability was reported by Clement Lecigne.