Bug 24298

Summary: CVE-2010-3429: arbitrary offset dereference vulnerability in flic video codec
Product: Sisyphus Reporter: Vladimir Lettiev <crux>
Component: ffmpegAssignee: Anton Farygin <rider>
Status: CLOSED FIXED QA Contact: qa-sisyphus
Severity: blocker    
Priority: P3 CC: darktemplar, mike, placeholder, rider
Version: unstableKeywords: security
Hardware: all   
OS: Linux   
URL: http://www.ocert.org/advisories/ocert-2010-004.html

Description Vladimir Lettiev 2010-10-14 10:22:27 MSD
The vulnerability affects the flic file format parser, insufficient restrictions on a writable buffer can be exploited to execute arbitrary code via the heap memory. A specific flic file can be crafted to trigger the vulnerability.

fixed in r25223
http://git.ffmpeg.org/?p=ffmpeg;a=commitdiff;=16c592155f117ccd7b86006c45aacc692a81c23b
Comment 1 Vladimir Lettiev 2010-10-14 10:27:33 MSD
правильная ссылка:
http://git.ffmpeg.org/?p=ffmpeg;a=commitdiff;h=16c592155f117ccd7b86006c45aacc692a81c23b
Comment 2 Michael Shigorin 2011-07-19 10:33:38 MSK
* Thu Nov 04 2010 Sergey Bolshakov <sbolshakov@altlinux> 1:0.6-alt2
- 25671 revision from trunk