CVE-2007-3329

Name of the Vulnerable Software and Affected Versions Xvid version 1.1.2

Description The issue is related to multiple array index errors in certain functions within the Xvid software. Specifically, the errors occur in the get intra block, get inter block h263, and get inter block mpeg functions located in src/bitstream/mbcoding.c. These errors can be exploited by remote attackers through crafted files, including Avi, H.263, or MPEG files, potentially allowing the execution of arbitrary code.

Recommendations For Xvid version 1.1.2, consider disabling the get intra block, get inter block h263, and get inter block mpeg functions until a patch is available to prevent potential exploitation. Additionally, avoid using the affected Xvid version to process untrusted Avi, H.263, or MPEG files. At the moment, there is no information about a newer version that contains a fix for this issue.