Search for vulnerabilities
Vulnerability details: VCID-t1e7-x86m-aaaq
Vulnerability ID VCID-t1e7-x86m-aaaq
Aliases CVE-2014-1684
Summary The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file.
Status Published
Exploitability 2.0
Weighted Severity 3.9
Risk 7.8
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-189 Numeric Errors
System Score Found at
generic_textual Low http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1684.html
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.13572 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.1513 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.56139 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.56139 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.56139 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.75048 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.75048 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.75048 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.75048 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.75048 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.75048 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.75048 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.75048 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.75048 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
epss 0.75048 https://api.first.org/data/v1/epss?cve=CVE-2014-1684
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1684
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2014-1684
generic_textual Low http://www.elsherei.com/?p=269
Reference id Reference type URL
http://git.videolan.org/gitweb.cgi/vlc.git/?p=vlc.git%3Ba=commitdiff%3Bh=98787d0843612271e99d62bee0dfd8197f0cf404
http://git.videolan.org/gitweb.cgi/vlc.git/?p=vlc.git;a=commitdiff;h=98787d0843612271e99d62bee0dfd8197f0cf404
http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1684.html
https://api.first.org/data/v1/epss?cve=CVE-2014-1684
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1684
https://security.gentoo.org/glsa/201603-08
https://trac.videolan.org/vlc/ticket/10482
http://www.elsherei.com/?p=269
743033 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743033
cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.0.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.0.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.10:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.10.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.10.1:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.11:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.12:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.13:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.4.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.6.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.8:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.9:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.0.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.0.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.0.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.0.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.0.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.9:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.1.1:*:*:*:*:*:*:*
CVE-2014-1684 https://nvd.nist.gov/vuln/detail/CVE-2014-1684
CVE-2014-1684;OSVDB-103019 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/31429.py
Data source Exploit-DB
Date added Feb. 5, 2014
Description VideoLAN VLC Media Player 2.1.2 - '.asf' Crash (PoC)
Ransomware campaign use Unknown
Source publication date Feb. 5, 2014
Exploit type dos
Platform multiple
Source update date Feb. 5, 2014
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2014-1684
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.93625
EPSS Score 0.13572
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.