Vulnerability CVE-2010-3429

Vulnerability Name:

CVE-2010-3429 (CCN-62121)

Assigned:

2010-09-28

Published:

2010-09-28

Updated:

2018-10-10

Summary:

flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.2 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:TF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Authentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.2 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:TF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Athentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

Vulnerability Type:

CWE-94

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2010-3429

Source: CCN
Type: FFmpeg Web site
FFmpeg

Source: CONFIRM
Type: Patch
http://git.ffmpeg.org/?p=ffmpeg;a=commit;h=16c592155f117ccd7b86006c45aacc692a81c23b

Source: CCN
Type: ffmpeg.org GIT Repository
git.ffmpeg.org Git - ffmpeg/commitdiff

Source: CCN
Type: SA41626
FFmpeg FLIC Processing Multiple Array Indexing Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
41626

Source: SECUNIA
Type: UNKNOWN
43323

Source: DEBIAN
Type: UNKNOWN
DSA-2165

Source: DEBIAN
Type: DSA-2165
ffmpeg-debian -- buffer overflow

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2011:060

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2011:061

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2011:062

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2011:088

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2011:089

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2011:112

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2011:114

Source: CCN
Type: ocert-2010-004
FFmpeg/libavcodec arbitrary offset dereference

Source: MISC
Type: UNKNOWN
http://www.ocert.org/advisories/ocert-2010-004.html

Source: MLIST
Type: UNKNOWN
[oss-security] 20100928 [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference

Source: BUGTRAQ
Type: UNKNOWN
20100928 [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference

Source: CCN
Type: BID-50880
FFmpeg libavcodec 'vmd decode()' Heap Based Buffer Overflow Vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-1104-1

Source: VUPEN
Type: Patch, Vendor Advisory
ADV-2010-2517

Source: VUPEN
Type: Vendor Advisory
ADV-2010-2518

Source: VUPEN
Type: UNKNOWN
ADV-2011-1241

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=635775

Source: XF
Type: UNKNOWN
ffmpeg-flicvideo-array-bo(62121)

Vulnerable Configuration:

Configuration 1:

cpe:/a:ffmpeg:libavcodec:*:*:*:*:*:*:*:*

AND

cpe:/a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:* (Version <= 0.6)

Configuration 2:

cpe:/a:ffmpeg:libavcodec:*:*:*:*:*:*:*:*

AND

cpe:/a:mplayerhq:mplayer:0.01:*:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.02:*:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.05:*:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.06:*:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.07:*:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.08:*:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.09:*:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.09:pre3:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.10:*:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.10:pre1:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.10:pre2:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.10:pre3:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.10:pre4:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.10:pre5:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.10:pre6:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.10:pre7:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre10:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre11:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre12:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre13:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre14:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre15:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre16:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre17:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre18:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre19:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre2:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre20:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre21:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre22:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre23:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre24:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre3:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre4:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre5:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre6:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre7:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre8:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.11:pre9:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.17_idegcounter:*:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.17a_idegcounter:*:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.18:pre1:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.18:pre2:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.18:pre3:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.18:pre4:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.18:pre5:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.50:*:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.50:pre1:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.50:pre2:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.50:pre3:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.60:*:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.60:pre1:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.60:pre2:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:*:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:pre1:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:pre10:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:pre2:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:pre3:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:pre4:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:pre5:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:pre6:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:pre7:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:pre8:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:pre9:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:rc1:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:rc2:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:rc3:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:rc3-pre1:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:rc3-pre2:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:rc3-pre3:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:rc4:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.90:rc5:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.91:*:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.92:*:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.92.1:*:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:0.93:*:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:1.0:pre1:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:1.0:pre2:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:1.0:pre3:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:1.0:pre3try2:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:1.0:pre4:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:1.0:pre5:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:1.0:pre5try2:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:1.0:pre6:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:1.0:pre6a:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:1.0:pre7:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:1.0:pre7try2:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:1.0:pre8:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:1.0:rc1:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:1.0:rc2:*:*:*:*:*:*

OR cpe:/a:mplayerhq:mplayer:*:rc3:*:*:*:*:*:* (Version <= 1.0)

Denotes that component is vulnerable

Vulnerability Name:

CVE-2010-3429 (CCN-62122)

Assigned:

2010-09-28

Published:

2010-09-28

Updated:

2010-09-28

Summary:

Mplayer could allow a remote attacker to execute arbitrary code on the system, caused by multiple array-indexing errors in the FLIC Video Decoder. A remote attacker could exploit this vulnerability to execute arbitrary code on the system.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.2 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:TF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Authentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.2 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:TF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Athentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2010-3429

Source: CCN
Type: Mplayer GIT Repository
git.mplayerhq.hu Git - ffmpeg/commit

Source: CCN
Type: SA41626
FFmpeg FLIC Processing Multiple Array Indexing Vulnerabilities

Source: CCN
Type: SA41645
MPlayer FLIC Processing Multiple Array Indexing Vulnerabilities

Source: DEBIAN
Type: DSA-2165
ffmpeg-debian -- buffer overflow

Source: CCN
Type: MPlayer Web site
MPlayer - The Movie Player

Source: CCN
Type: ocert-2010-004
FFmpeg/libavcodec arbitrary offset dereference

Source: XF
Type: UNKNOWN
mplayer-flic-code-execution(62122)

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:13661	P	USN-1104-1 -- ffmpeg vulnerabilities	2014-06-30
oval:org.mitre.oval:def:12955	P	DSA-2165-1 ffmpeg-debian -- buffer overflow	2014-06-23

BACK