Vulnerability Details : CVE-2014-9625
The GetUpdateFile function in misc/update.c in the Updater in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted update status file, aka an "integer truncation" vulnerability.
Vulnerability category: OverflowExecute code
Threat overview for CVE-2014-9625
Top countries where our scanners detected CVE-2014-9625
Top open port discovered on systems with this issue
22
IPs affected by CVE-2014-9625 445
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2014-9625!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2014-9625
1.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 82 %
Percentile, the proportion of vulnerabilities that are scored at or less