VulnerableCode Vulnerability Details - VCID-dmdz-e927-qkfb

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-dmdz-e927-qkfb

Essentials
Severities (8)
References (10)
Severity details (0)
Exploits (2)
EPSS
History (1)

Vulnerability ID	VCID-dmdz-e927-qkfb
Aliases	CVE-2014-2299
Summary	several
Status	Published
Exploitability	2.0
Weighted Severity	0.6
Risk	1.2
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

System	Score	Found at
epss	0.67962	https://api.first.org/data/v1/epss?cve=CVE-2014-2299
epss	0.67962	https://api.first.org/data/v1/epss?cve=CVE-2014-2299
epss	0.67962	https://api.first.org/data/v1/epss?cve=CVE-2014-2299
epss	0.67962	https://api.first.org/data/v1/epss?cve=CVE-2014-2299
epss	0.67962	https://api.first.org/data/v1/epss?cve=CVE-2014-2299
epss	0.67962	https://api.first.org/data/v1/epss?cve=CVE-2014-2299
epss	0.67962	https://api.first.org/data/v1/epss?cve=CVE-2014-2299
epss	0.67962	https://api.first.org/data/v1/epss?cve=CVE-2014-2299

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2299.json
		https://api.first.org/data/v1/epss?cve=CVE-2014-2299
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2281
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2283
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2299
1074109		https://bugzilla.redhat.com/show_bug.cgi?id=1074109
CVE-2014-2299;OSVDB-104199	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/33069.rb
GLSA-201406-33		https://security.gentoo.org/glsa/201406-33
RHSA-2014:0341		https://access.redhat.com/errata/RHSA-2014:0341
RHSA-2014:0342		https://access.redhat.com/errata/RHSA-2014:0342

Data source	Exploit-DB
Date added	April 28, 2014
Description	Wireshark 1.8.12/1.10.5 - wiretap/mpeg.c Stack Buffer Overflow (Metasploit)
Ransomware campaign use	Known
Source publication date	April 28, 2014
Exploit type	local
Platform	windows
Source update date	April 28, 2014

Data source	Metasploit
Description	This module triggers a stack buffer overflow in Wireshark <= 1.8.12/1.10.5 by generating a malicious file.
Note	Reliability: - unknown-reliability Stability: - unknown-stability SideEffects: - unknown-side-effects
Ransomware campaign use	Unknown
Source publication date	March 20, 2014
Platform	Windows
Source URL	https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/fileformat/wireshark_mpeg_overflow.rb

There are no known vectors.

Exploit Prediction Scoring System (EPSS)

Percentile	0.98577
EPSS Score	0.67962
Published At	April 1, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:10:36.307227+00:00	Debian Oval Importer	Import	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	38.0.0