PT-2010-1003 · FFmpeg+1 · Libavcodec+2

Published 2010-09-30 · Updated 2018-10-10 · CVE-2010-3429

CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: FFmpeg versions 0.6 and earlier

Description: The issue concerns multiple vulnerabilities in the ffmpeg-debian package of the Debian GNU/Linux operating system, which can be exploited remotely to compromise the confidentiality, integrity, and availability of protected information. Specifically, a vulnerability in the flicvideo.c file of libavcodec in FFmpeg allows remote attackers to execute arbitrary code via a crafted flic file, related to an arbitrary offset dereference vulnerability.

Recommendations: For FFmpeg versions 0.6 and earlier, consider updating to a newer version to mitigate the risk of exploitation. As a temporary workaround, consider restricting access to flic files or disabling the flicvideo.c component until a patch is available. Avoid using the vulnerable libavcodec version in applications that handle flic files.

Fix

Code Injection

Weakness Enumeration

Related Identifiers

BDU:2015-01322
CVE-2010-3429
DSA-2165-1

Affected Products

Debian
FFmpeg
Libavcodec