CVE-2010-3429 Information

Description

flicvideo.c in libavcodec 0.6 and earlier in FFmpeg as used in MPlayer and other products allows remote attackers to execute arbitrary code via a crafted flic file related to an \arbitrary offset dereference vulnerability.\

Reference

http://git.ffmpeg.org/?p=ffmpeg;a=commit;h=16c592155f117ccd7b86006c45aacc692a81c23b http://secunia.com/advisories/41626 http://secunia.com/advisories/43323 http://www.debian.org/security/2011/dsa-2165 http://www.mandriva.com/security/advisories?name=MDVSA-2011:060 http://www.mandriva.com/security/advisories?name=MDVSA-2011:061 http://www.mandriva.com/security/advisories?name=MDVSA-2011:062 http://www.mandriva.com/security/advisories?name=MDVSA-2011:088 http://www.mandriva.com/security/advisories?name=MDVSA-2011:089 http://www.mandriva.com/security/advisories?name=MDVSA-2011:112 http://www.mandriva.com/security/advisories?name=MDVSA-2011:114 http://www.ocert.org/advisories/ocert-2010-004.html http://www.openwall.com/lists/oss-security/2010/09/28/4 http://www.securityfocus.com/archive/1/514009/100/0/threaded http://www.ubuntu.com/usn/usn-1104-1/ http://www.vupen.com/english/advisories/2010/2517 http://www.vupen.com/english/advisories/2010/2518 http://www.vupen.com/english/advisories/2011/1241 https://bugzilla.redhat.com/show_bug.cgi?id=635775