CVE-2012-0904
VLC media player 1.1.11 - Denial of Service via Long String in AMR File
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2012-0904. PoCs published by Fabi@habsec.
AI-analyzed exploit summary This exploit generates a malformed .amr file that triggers an unhandled access violation exception in VLC media player v1.1.11, causing a local crash. The PoC creates a file with a specific header followed by a large buffer of 'A' characters.
Description
VLC media player 1.1.11 allows remote attackers to cause a denial of service (crash) via a long string in an amr file.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Fabi@habsec · perldoswindows
https://www.exploit-db.com/exploits/18309
This exploit generates a malformed .amr file that triggers an unhandled access violation exception in VLC media player v1.1.11, causing a local crash. The PoC creates a file with a specific header followed by a large buffer of 'A' characters.
Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target:
VLC media player v1.1.11
No auth needed
Prerequisites:
VLC media player v1.1.11 installed on the target system
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/72085
Exploit mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2012-01/0033.html
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/18309
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14327
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/51255
Scores
EPSS
0.0806
EPSS Percentile
92.4%
Details
CWE
CWE-399
Status
published
Products (1)
videolan/vlc_media_player
1.1.11
Published
Jan 20, 2012
Tracked Since
Feb 18, 2026