CVE-2010-3429: Code Injection
First published: Mon Sep 20 2010(Updated: )
flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| libavcodec | ||
| FFmpeg | <=0.6 | |
| FFmpeg | =0.3 | |
| FFmpeg | =0.3.1 | |
| FFmpeg | =0.3.2 | |
| FFmpeg | =0.3.3 | |
| FFmpeg | =0.3.4 | |
| FFmpeg | =0.4.0 | |
| FFmpeg | =0.4.2 | |
| FFmpeg | =0.4.3 | |
| FFmpeg | =0.4.4 | |
| FFmpeg | =0.4.5 | |
| FFmpeg | =0.4.6 | |
| FFmpeg | =0.4.7 | |
| FFmpeg | =0.4.8 | |
| FFmpeg | =0.4.9-pre1 | |
| FFmpeg | =0.5 | |
| Gapless Player SimZip | <=1.0 | |
| Gapless Player SimZip | =0.01 | |
| Gapless Player SimZip | =0.02 | |
| Gapless Player SimZip | =0.05 | |
| Gapless Player SimZip | =0.06 | |
| Gapless Player SimZip | =0.07 | |
| Gapless Player SimZip | =0.08 | |
| Gapless Player SimZip | =0.09 | |
| Gapless Player SimZip | =0.09-pre3 | |
| Gapless Player SimZip | =0.10 | |
| Gapless Player SimZip | =0.10-pre1 | |
| Gapless Player SimZip | =0.10-pre2 | |
| Gapless Player SimZip | =0.10-pre3 | |
| Gapless Player SimZip | =0.10-pre4 | |
| Gapless Player SimZip | =0.10-pre5 | |
| Gapless Player SimZip | =0.10-pre6 | |
| Gapless Player SimZip | =0.10-pre7 | |
| Gapless Player SimZip | =0.11-pre10 | |
| Gapless Player SimZip | =0.11-pre11 | |
| Gapless Player SimZip | =0.11-pre12 | |
| Gapless Player SimZip | =0.11-pre13 | |
| Gapless Player SimZip | =0.11-pre14 | |
| Gapless Player SimZip | =0.11-pre15 | |
| Gapless Player SimZip | =0.11-pre16 | |
| Gapless Player SimZip | =0.11-pre17 | |
| Gapless Player SimZip | =0.11-pre18 | |
| Gapless Player SimZip | =0.11-pre19 | |
| Gapless Player SimZip | =0.11-pre2 | |
| Gapless Player SimZip | =0.11-pre20 | |
| Gapless Player SimZip | =0.11-pre21 | |
| Gapless Player SimZip | =0.11-pre22 | |
| Gapless Player SimZip | =0.11-pre23 | |
| Gapless Player SimZip | =0.11-pre24 | |
| Gapless Player SimZip | =0.11-pre3 | |
| Gapless Player SimZip | =0.11-pre4 | |
| Gapless Player SimZip | =0.11-pre5 | |
| Gapless Player SimZip | =0.11-pre6 | |
| Gapless Player SimZip | =0.11-pre7 | |
| Gapless Player SimZip | =0.11-pre8 | |
| Gapless Player SimZip | =0.11-pre9 | |
| Gapless Player SimZip | =0.17_idegcounter | |
| Gapless Player SimZip | =0.17a_idegcounter | |
| Gapless Player SimZip | =0.18-pre1 | |
| Gapless Player SimZip | =0.18-pre2 | |
| Gapless Player SimZip | =0.18-pre3 | |
| Gapless Player SimZip | =0.18-pre4 | |
| Gapless Player SimZip | =0.18-pre5 | |
| Gapless Player SimZip | =0.50 | |
| Gapless Player SimZip | =0.50-pre1 | |
| Gapless Player SimZip | =0.50-pre2 | |
| Gapless Player SimZip | =0.50-pre3 | |
| Gapless Player SimZip | =0.60 | |
| Gapless Player SimZip | =0.60-pre1 | |
| Gapless Player SimZip | =0.60-pre2 | |
| Gapless Player SimZip | =0.90 | |
| Gapless Player SimZip | =0.90-pre1 | |
| Gapless Player SimZip | =0.90-pre10 | |
| Gapless Player SimZip | =0.90-pre2 | |
| Gapless Player SimZip | =0.90-pre3 | |
| Gapless Player SimZip | =0.90-pre4 | |
| Gapless Player SimZip | =0.90-pre5 | |
| Gapless Player SimZip | =0.90-pre6 | |
| Gapless Player SimZip | =0.90-pre7 | |
| Gapless Player SimZip | =0.90-pre8 | |
| Gapless Player SimZip | =0.90-pre9 | |
| Gapless Player SimZip | =0.90-rc1 | |
| Gapless Player SimZip | =0.90-rc2 | |
| Gapless Player SimZip | =0.90-rc3 | |
| Gapless Player SimZip | =0.90-rc3-pre1 | |
| Gapless Player SimZip | =0.90-rc3-pre2 | |
| Gapless Player SimZip | =0.90-rc3-pre3 | |
| Gapless Player SimZip | =0.90-rc4 | |
| Gapless Player SimZip | =0.90-rc5 | |
| Gapless Player SimZip | =0.91 | |
| Gapless Player SimZip | =0.92 | |
| Gapless Player SimZip | =0.92.1 | |
| Gapless Player SimZip | =0.93 | |
| Gapless Player SimZip | =1.0-pre1 | |
| Gapless Player SimZip | =1.0-pre2 | |
| Gapless Player SimZip | =1.0-pre3 | |
| Gapless Player SimZip | =1.0-pre3try2 | |
| Gapless Player SimZip | =1.0-pre4 | |
| Gapless Player SimZip | =1.0-pre5 | |
| Gapless Player SimZip | =1.0-pre5try2 | |
| Gapless Player SimZip | =1.0-pre6 | |
| Gapless Player SimZip | =1.0-pre6a | |
| Gapless Player SimZip | =1.0-pre7 | |
| Gapless Player SimZip | =1.0-pre7try2 | |
| Gapless Player SimZip | =1.0-pre8 | |
| Gapless Player SimZip | =1.0-rc1 | |
| Gapless Player SimZip | =1.0-rc2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/advisories/41626
- http://www.vupen.com/english/advisories/2010/2517
- http://www.ocert.org/advisories/ocert-2010-004.html
- https://bugzilla.redhat.com/show_bug.cgi?id=635775
- http://www.openwall.com/lists/oss-security/2010/09/28/4
- http://git.ffmpeg.org/?p=ffmpeg;a=commit;h=16c592155f117ccd7b86006c45aacc692a81c23b
- http://www.vupen.com/english/advisories/2010/2518
- http://www.debian.org/security/2011/dsa-2165
- http://secunia.com/advisories/43323
- http://www.vupen.com/english/advisories/2011/1241
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:060
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:061
- http://www.ubuntu.com/usn/usn-1104-1/
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:062
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:089
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:088
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:112
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:114
- http://www.securityfocus.com/archive/1/514009/100/0/threaded
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=448516&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=448516&action=edit
- http://git.ffmpeg.org/?p=ffmpeg;a=commitdiff;h=16c592155f117ccd7b86006c45aacc692a81c23b
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=638265
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=635775#c6
- http://git.ffmpeg.org/?p=ffmpeg%3Ba=commit%3Bh=16c592155f117ccd7b86006c45aacc692a81c23b
Frequently Asked Questions
What is the severity of CVE-2010-3429?
CVE-2010-3429 is considered a critical vulnerability due to its potential for arbitrary code execution.
How do I fix CVE-2010-3429?
To fix CVE-2010-3429, upgrade to a version of FFmpeg or libavcodec that is later than 0.6.
What products are affected by CVE-2010-3429?
CVE-2010-3429 affects FFmpeg versions up to 0.6, and the libavcodec library used in MPlayer and other applications.
What kind of attack can exploit CVE-2010-3429?
CVE-2010-3429 can be exploited by remote attackers through crafted Flic files leading to arbitrary code execution.
Is CVE-2010-3429 still relevant today?
Though it was reported in 2010, CVE-2010-3429 may still be relevant for systems running outdated versions of affected software.
- collector/nvd-historical
- collector/redhat-bugzilla
- alias/CVE-2010-3429
- agent/type
- agent/last-modified-date
- agent/remedy
- agent/first-publish-date
- agent/references
- agent/weakness
- agent/severity
- agent/event
- agent/description
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ffmpeg
- canonical/libavcodec
- canonical/ffmpeg
- version/ffmpeg/0.6
- version/ffmpeg/0.3
- version/ffmpeg/0.3.1
- version/ffmpeg/0.3.2
- version/ffmpeg/0.3.3
- version/ffmpeg/0.3.4
- version/ffmpeg/0.4.0
- version/ffmpeg/0.4.2
- version/ffmpeg/0.4.3
- version/ffmpeg/0.4.4
- version/ffmpeg/0.4.5
- version/ffmpeg/0.4.6
- version/ffmpeg/0.4.7
- version/ffmpeg/0.4.8
- version/ffmpeg/0.4.9-pre1
- version/ffmpeg/0.5
- vendor/mplayerhq
- canonical/gapless player simzip
- version/gapless player simzip/1.0
- version/gapless player simzip/0.01
- version/gapless player simzip/0.02
- version/gapless player simzip/0.05
- version/gapless player simzip/0.06
- version/gapless player simzip/0.07
- version/gapless player simzip/0.08
- version/gapless player simzip/0.09
- version/gapless player simzip/0.09-pre3
- version/gapless player simzip/0.10
- version/gapless player simzip/0.10-pre1
- version/gapless player simzip/0.10-pre2
- version/gapless player simzip/0.10-pre3
- version/gapless player simzip/0.10-pre4
- version/gapless player simzip/0.10-pre5
- version/gapless player simzip/0.10-pre6
- version/gapless player simzip/0.10-pre7
- version/gapless player simzip/0.11-pre10
- version/gapless player simzip/0.11-pre11
- version/gapless player simzip/0.11-pre12
- version/gapless player simzip/0.11-pre13
- version/gapless player simzip/0.11-pre14
- version/gapless player simzip/0.11-pre15
- version/gapless player simzip/0.11-pre16
- version/gapless player simzip/0.11-pre17
- version/gapless player simzip/0.11-pre18
- version/gapless player simzip/0.11-pre19
- version/gapless player simzip/0.11-pre2
- version/gapless player simzip/0.11-pre20
- version/gapless player simzip/0.11-pre21
- version/gapless player simzip/0.11-pre22
- version/gapless player simzip/0.11-pre23
- version/gapless player simzip/0.11-pre24
- version/gapless player simzip/0.11-pre3
- version/gapless player simzip/0.11-pre4
- version/gapless player simzip/0.11-pre5
- version/gapless player simzip/0.11-pre6
- version/gapless player simzip/0.11-pre7
- version/gapless player simzip/0.11-pre8
- version/gapless player simzip/0.11-pre9
- version/gapless player simzip/0.17_idegcounter
- version/gapless player simzip/0.17a_idegcounter
- version/gapless player simzip/0.18-pre1
- version/gapless player simzip/0.18-pre2
- version/gapless player simzip/0.18-pre3
- version/gapless player simzip/0.18-pre4
- version/gapless player simzip/0.18-pre5
- version/gapless player simzip/0.50
- version/gapless player simzip/0.50-pre1
- version/gapless player simzip/0.50-pre2
- version/gapless player simzip/0.50-pre3
- version/gapless player simzip/0.60
- version/gapless player simzip/0.60-pre1
- version/gapless player simzip/0.60-pre2
- version/gapless player simzip/0.90
- version/gapless player simzip/0.90-pre1
- version/gapless player simzip/0.90-pre10
- version/gapless player simzip/0.90-pre2
- version/gapless player simzip/0.90-pre3
- version/gapless player simzip/0.90-pre4
- version/gapless player simzip/0.90-pre5
- version/gapless player simzip/0.90-pre6
- version/gapless player simzip/0.90-pre7
- version/gapless player simzip/0.90-pre8
- version/gapless player simzip/0.90-pre9
- version/gapless player simzip/0.90-rc1
- version/gapless player simzip/0.90-rc2
- version/gapless player simzip/0.90-rc3
- version/gapless player simzip/0.90-rc3-pre1
- version/gapless player simzip/0.90-rc3-pre2
- version/gapless player simzip/0.90-rc3-pre3
- version/gapless player simzip/0.90-rc4
- version/gapless player simzip/0.90-rc5
- version/gapless player simzip/0.91
- version/gapless player simzip/0.92
- version/gapless player simzip/0.92.1
- version/gapless player simzip/0.93
- version/gapless player simzip/1.0-pre1
- version/gapless player simzip/1.0-pre2
- version/gapless player simzip/1.0-pre3
- version/gapless player simzip/1.0-pre3try2
- version/gapless player simzip/1.0-pre4
- version/gapless player simzip/1.0-pre5
- version/gapless player simzip/1.0-pre5try2
- version/gapless player simzip/1.0-pre6
- version/gapless player simzip/1.0-pre6a
- version/gapless player simzip/1.0-pre7
- version/gapless player simzip/1.0-pre7try2
- version/gapless player simzip/1.0-pre8
- version/gapless player simzip/1.0-rc1
- version/gapless player simzip/1.0-rc2