CVE-2014-1684
EPSS 12.8%
Description
The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file.
How to fix CVE-2014-1684
To remediate CVE-2014-1684, upgrade the affected package to a fixed version below.
- Debian/vlc—upgrade to 2.1.4-1 or later
Is CVE-2014-1684 being exploited?
Moderate — EPSS is 12.8%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 2.1.4-1