Home > Vulnerability Database > CVE-2010-3429

Mend.io Vulnerability Database

CVE-2010-3429

Good to know:

Date: September 30, 2010

flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."

Language: C

Severity Score

9.3

Related Resources (22)

Url: http://secunia.com/advisories/41626

Url: http://www.ocert.org/advisories/ocert-2010-004.html

Url: http://www.ubuntu.com/usn/usn-1104-1/

Url: http://www.vupen.com/english/advisories/2010/2518

Url: http://www.vupen.com/english/advisories/2010/2517

Url: https://nvd.nist.gov/vuln/detail/CVE-2010-3429

Url: https://bugzilla.redhat.com/show_bug.cgi?id=635775

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3429

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2011:060

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2011:061

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2011:062

Url: http://git.ffmpeg.org/?p=ffmpeg%3Ba=commit%3Bh=16c592155f117ccd7b86006c45aacc692a81c23b

Url: http://www.securityfocus.com/archive/1/514009/100/0/threaded

Url: http://www.openwall.com/lists/oss-security/2010/09/28/4

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2011:088

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2011:089

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2011:112

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2011:114

Url: http://www.vupen.com/english/advisories/2011/1241

Url: http://www.debian.org/security/2011/dsa-2165

Url: http://secunia.com/advisories/43323

Url: https://www.mend.io/vulnerability-database/CVE-2010-3429

Severity Score

9.3

Weakness Type (CWE)

Code Injection

CWE-94

Top Fix

Upgrade Version

Upgrade to version n0.7.1

Learn More

CVSS v3

Base Score:	9.3
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE

CVSS v2

Base Score:	3.1
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2010-3429

Good to know:

Date: September 30, 2010

Language: C

Severity Score

Related Resources (22)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3

CVSS v2

Do you need more information?