← Back

CVE-2010-3429

nvd nist
Published: Sep 30, 2010Modified: Apr 29, 2026

JSON object

Loading...
6.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploitability: 8.6 / Impact: 6.4
Source: NVD

Description

flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."

Affected (108)

Ffmpeg
2 products
Ffmpeg
Libavcodec
Mplayerhq
1 product
Mplayer
Configuration A
16 vulnerable
Vulnerable SoftwareAffected Versions
Ffmpeg
Ffmpeg
Up to 0.6
Ffmpeg
Version 0.3.1
Ffmpeg
Version 0.3.2
Ffmpeg
Version 0.3.3
Ffmpeg
Version 0.3.4
Ffmpeg
Version 0.3
Ffmpeg
Version 0.4.0
Ffmpeg
Version 0.4.2
Ffmpeg
Version 0.4.3
Ffmpeg
Version 0.4.4
Ffmpeg
Version 0.4.5
Ffmpeg
Version 0.4.6
Ffmpeg
Version 0.4.7
Ffmpeg
Version 0.4.8
Ffmpeg
Version 0.4.9 pre1
Ffmpeg
Version 0.5
Configuration B
92 vulnerable
Vulnerable SoftwareAffected Versions
Libavcodec
All versions
Mplayerhq
Mplayer
Up to 1.0
Mplayer
Version 0.01
Mplayer
Version 0.02
Mplayer
Version 0.05
Mplayer
Version 0.06
Mplayer
Version 0.07
Mplayer
Version 0.08
Mplayer
Version 0.09
Mplayer
Version 0.09 pre3
Mplayer
Version 0.10
Mplayer
Version 0.10 pre1
Mplayer
Version 0.10 pre2
Mplayer
Version 0.10 pre3
Mplayer
Version 0.10 pre4
Mplayer
Version 0.10 pre5
Mplayer
Version 0.10 pre6
Mplayer
Version 0.10 pre7
Mplayer
Version 0.11 pre10
Mplayer
Version 0.11 pre11
Mplayer
Version 0.11 pre12
Mplayer
Version 0.11 pre13
Mplayer
Version 0.11 pre14
Mplayer
Version 0.11 pre15
Mplayer
Version 0.11 pre16
Mplayer
Version 0.11 pre17
Mplayer
Version 0.11 pre18
Mplayer
Version 0.11 pre19
Mplayer
Version 0.11 pre20
Mplayer
Version 0.11 pre21
Mplayer
Version 0.11 pre22
Mplayer
Version 0.11 pre23
Mplayer
Version 0.11 pre24
Mplayer
Version 0.11 pre2
Mplayer
Version 0.11 pre3
Mplayer
Version 0.11 pre4
Mplayer
Version 0.11 pre5
Mplayer
Version 0.11 pre6
Mplayer
Version 0.11 pre7
Mplayer
Version 0.11 pre8
Mplayer
Version 0.11 pre9
Mplayer
Version 0.17_idegcounter
Mplayer
Version 0.17a_idegcounter
Mplayer
Version 0.18 pre1
Mplayer
Version 0.18 pre2
Mplayer
Version 0.18 pre3
Mplayer
Version 0.18 pre4
Mplayer
Version 0.18 pre5
Mplayer
Version 0.50
Mplayer
Version 0.50 pre1
Mplayer
Version 0.50 pre2
Mplayer
Version 0.50 pre3
Mplayer
Version 0.60
Mplayer
Version 0.60 pre1
Mplayer
Version 0.60 pre2
Mplayer
Version 0.90
Mplayer
Version 0.90 pre10
Mplayer
Version 0.90 pre1
Mplayer
Version 0.90 pre2
Mplayer
Version 0.90 pre3
Mplayer
Version 0.90 pre4
Mplayer
Version 0.90 pre5
Mplayer
Version 0.90 pre6
Mplayer
Version 0.90 pre7
Mplayer
Version 0.90 pre8
Mplayer
Version 0.90 pre9
Mplayer
Version 0.90 rc1
Mplayer
Version 0.90 rc2
Mplayer
Version 0.90 rc3-pre1
Mplayer
Version 0.90 rc3-pre2
Mplayer
Version 0.90 rc3-pre3
Mplayer
Version 0.90 rc3
Mplayer
Version 0.90 rc4
Mplayer
Version 0.90 rc5
Mplayer
Version 0.91
Mplayer
Version 0.92.1
Mplayer
Version 0.92
Mplayer
Version 0.93
Mplayer
Version 1.0 pre1
Mplayer
Version 1.0 pre2
Mplayer
Version 1.0 pre3
Mplayer
Version 1.0 pre3try2
Mplayer
Version 1.0 pre4
Mplayer
Version 1.0 pre5
Mplayer
Version 1.0 pre5try2
Mplayer
Version 1.0 pre6
Mplayer
Version 1.0 pre6a
Mplayer
Version 1.0 pre7
Mplayer
Version 1.0 pre7try2
Mplayer
Version 1.0 pre8
Mplayer
Version 1.0 rc1
Mplayer
Version 1.0 rc2

Related CWEs

CWE-94
Improper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (38)

Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.