Unrated severityNVD Advisory· Published Sep 30, 2010· Updated Apr 29, 2026
CVE-2010-3429
CVE-2010-3429
Description
flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."
Affected products
108cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*range: <=0.6
- cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:libavcodec:*:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.01:*:*:*:*:*:*:*+ 90 more
- cpe:2.3:a:mplayerhq:mplayer:0.01:*:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.02:*:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.05:*:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.06:*:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.07:*:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.08:*:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.09:*:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.09:pre3:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.10:*:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.10:pre1:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.10:pre2:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.10:pre3:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.10:pre4:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.10:pre5:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.10:pre6:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.10:pre7:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre10:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre11:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre12:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre13:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre14:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre15:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre16:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre17:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre18:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre19:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre2:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre20:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre21:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre22:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre23:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre24:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre3:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre4:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre5:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre6:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre7:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre8:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.11:pre9:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.17a_idegcounter:*:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.17_idegcounter:*:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.18:pre1:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.18:pre2:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.18:pre3:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.18:pre4:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.18:pre5:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.50:*:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.50:pre1:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.50:pre2:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.50:pre3:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.60:*:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.60:pre1:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.60:pre2:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:*:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:pre1:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:pre10:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:pre2:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:pre3:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:pre4:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:pre5:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:pre6:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:pre7:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:pre8:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:pre9:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:rc1:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:rc2:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:rc3:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:rc3-pre1:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:rc3-pre2:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:rc3-pre3:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:rc4:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.90:rc5:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.91:*:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.92:*:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.92.1:*:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:0.93:*:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:1.0:pre1:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:1.0:pre2:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:1.0:pre3:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:1.0:pre3try2:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:1.0:pre4:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:1.0:pre5:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:1.0:pre5try2:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:1.0:pre6:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:1.0:pre6a:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:1.0:pre7:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:1.0:pre7try2:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:1.0:pre8:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:1.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:1.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:mplayerhq:mplayer:*:rc3:*:*:*:*:*:*range: <=1.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
18- www.vupen.com/english/advisories/2010/2517nvdPatchVendor Advisory
- secunia.com/advisories/41626nvdVendor Advisory
- www.vupen.com/english/advisories/2010/2518nvdVendor Advisory
- secunia.com/advisories/43323nvd
- www.debian.org/security/2011/dsa-2165nvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.ocert.org/advisories/ocert-2010-004.htmlnvd
- www.openwall.com/lists/oss-security/2010/09/28/4nvd
- www.securityfocus.com/archive/1/514009/100/0/threadednvd
- www.ubuntu.com/usn/usn-1104-1/nvd
- www.vupen.com/english/advisories/2011/1241nvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.