Bug 24298 - CVE-2010-3429: arbitrary offset dereference vulnerability in flic video codec
Status: CLOSED FIXED
Alias: None
Product: Sisyphus
Classification: Development
Component: ffmpeg
Version: unstable
Hardware: all Linux
Importance: P3 blocker
Assignee: Anton Farygin
QA Contact: qa-sisyphus
URL: http://www.ocert.org/advisories/ocert...
Keywords: security
Depends on:
Blocks:
 
Reported: 2010-10-14 10:22 MSD by Vladimir Lettiev
Modified: 2011-07-19 10:33 MSK

Description Vladimir Lettiev 2010-10-14 10:22:27 MSD
The vulnerability affects the flic file format parser; insufficient restrictions on a writable buffer can be exploited to execute arbitrary code via the heap memory. A specific flic file can be crafted to trigger the vulnerability.

fixed in r25223
http://git.ffmpeg.org/?p=ffmpeg;a=commitdiff;=16c592155f117ccd7b86006c45aacc692a81c23b
Comment 1 Vladimir Lettiev 2010-10-14 10:27:33 MSD
Correct link:
http://git.ffmpeg.org/?p=ffmpeg;a=commitdiff;h=16c592155f117ccd7b86006c45aacc692a81c23b
Comment 2 Michael Shigorin 2011-07-19 10:33:38 MSK
* Thu Nov 04 2010 Sergey Bolshakov <sbolshakov@altlinux> 1:0.6-alt2
- 25671 revision from trunk