CVE-2014-1684
published 2014-03-03CVE-2014-1684: The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers…
PriorityP424medium4.3CVSS 2.0
AVNACMAuNCNINAP
EXPLOIT
EPSS
5.21%
91.5th percentile
The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file.
Affected
42 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | vlc | < vlc 2.1.4-1 (bookworm) | vlc 2.1.4-1 (bookworm) |
| videolan | vlc_media_player | <= 2.1.2 | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM
vendor_debian4.3LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2014-1684: vlc - The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the...
vendor_debian·2014·CVSS 4.3
CVE-2014-1684 [MEDIUM] CVE-2014-1684: vlc - The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the...
The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file.
Scope: local
bookworm: resolved (fixed in 2.1.4-1)
bullseye: resolved (fixed in 2.1.4-1)
forky: resolved (fixed in 2.1.4-1)
sid: resolved (fixed in 2.1.4-1)
trixie: resolved (fixed in 2.1.4-1)
GHSA
GHSA-rj27-5g2m-8j6m: The ASF_ReadObject_file_properties function in modules/demux/asf/libasf
ghsa_unreviewed·2022-05-17
CVE-2014-1684 [MEDIUM] GHSA-rj27-5g2m-8j6m: The ASF_ReadObject_file_properties function in modules/demux/asf/libasf
The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file.
OSV
CVE-2014-1684: The ASF_ReadObject_file_properties function in modules/demux/asf/libasf
osv·2014-03-03·CVSS 4.3
CVE-2014-1684 [MEDIUM] CVE-2014-1684: The ASF_ReadObject_file_properties function in modules/demux/asf/libasf
The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file.
No detection rules found.
No writeups or analysis indexed.
http://git.videolan.org/gitweb.cgi/vlc.git/?p=vlc.git%3Ba=commitdiff%3Bh=98787d0843612271e99d62bee0dfd8197f0cf404http://www.elsherei.com/?p=269https://security.gentoo.org/glsa/201603-08https://trac.videolan.org/vlc/ticket/10482http://git.videolan.org/gitweb.cgi/vlc.git/?p=vlc.git%3Ba=commitdiff%3Bh=98787d0843612271e99d62bee0dfd8197f0cf404http://www.elsherei.com/?p=269https://security.gentoo.org/glsa/201603-08https://trac.videolan.org/vlc/ticket/10482
2014-03-03
Published