REDHAT-BUG-635775

First published: Mon Sep 20 2010(Updated: )

oCERT reported a vulnerability that affects the flic video codec support in ffmpeg. Quoting: "The MPlayer package [1] is vulnerable to an arbitrary offset dereference vulnerability, which could be exploited by malicious remote attacker. The vulnerability is caused by the MPlayer's flic codec (flicvideo.c) on 8 bits per pixel videos because the codec does not check received values. This could be exploited jumping to arbitrary code by opening a specially crafted file." They were particularly concerned about the ffmpeg inclusion in mplayer. The affected file (flicvideo.c) is also present in libextractor as provided by Fedora 12. It looks as though the only thing using libextractor in Fedora is doodle (local search program, like Spotlight). This would mean a user would have to download a specially crafted file and store it locally, and be using doodle to index files. I don't know whether or not doodle would be problematic here, i.e. if it's just reading metadata it might not cause any problems at all. Later versions of libextractor have removed the embedded ffmpeg sources.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/redhat-bugzilla
• alias/CVE-2010-3429
• agent/type
• agent/last-modified-date
• agent/first-publish-date
• agent/severity
• agent/references
• agent/description
• agent/event
• agent/tags
• agent/guess-ai
• agent/software-canonical-lookup
• agent/software-canonical-lookup-request
• agent/softwarecombine
• vendor/ffmpeg
• canonical/ffmpeg
• vendor/mplayer
• canonical/dvd player
• vendor/libextractor
• canonical/libextractor
• vendor/doodle
• canonical/doodle