[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248038

 
 

909

 
 

194772

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-3429Date: (C)2010-09-30   (M)2023-12-22


flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
http://www.securityfocus.com/archive/1/514009/100/0/threaded
SECUNIA-41626
SECUNIA-43323
ADV-2010-2517
ADV-2010-2518
ADV-2011-1241
DSA-2165
MDVSA-2011:060
MDVSA-2011:061
MDVSA-2011:062
MDVSA-2011:088
MDVSA-2011:089
MDVSA-2011:112
MDVSA-2011:114
USN-1104-1
http://www.openwall.com/lists/oss-security/2010/09/28/4
http://git.ffmpeg.org/?p=ffmpeg%3Ba=commit%3Bh=16c592155f117ccd7b86006c45aacc692a81c23b
http://www.ocert.org/advisories/ocert-2010-004.html
https://bugzilla.redhat.com/show_bug.cgi?id=635775

CPE    16
cpe:/a:ffmpeg:ffmpeg:0.4.9:pre1
cpe:/a:ffmpeg:ffmpeg
cpe:/a:ffmpeg:ffmpeg:0.3
cpe:/a:ffmpeg:ffmpeg:0.5
...
CWE    1
CWE-94
OVAL    9
oval:org.secpod.oval:def:300434
oval:org.secpod.oval:def:300431
oval:org.secpod.oval:def:300437
oval:org.secpod.oval:def:301019
...

© SecPod Technologies