6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
9.3 High
AI Score
Confidence
High
0.047 Low
EPSS
Percentile
92.7%
flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an βarbitrary offset dereference vulnerability.β
git.ffmpeg.org/?p=ffmpeg%3Ba=commit%3Bh=16c592155f117ccd7b86006c45aacc692a81c23b
secunia.com/advisories/41626
secunia.com/advisories/43323
www.debian.org/security/2011/dsa-2165
www.mandriva.com/security/advisories?name=MDVSA-2011:060
www.mandriva.com/security/advisories?name=MDVSA-2011:061
www.mandriva.com/security/advisories?name=MDVSA-2011:062
www.mandriva.com/security/advisories?name=MDVSA-2011:088
www.mandriva.com/security/advisories?name=MDVSA-2011:089
www.mandriva.com/security/advisories?name=MDVSA-2011:112
www.mandriva.com/security/advisories?name=MDVSA-2011:114
www.ocert.org/advisories/ocert-2010-004.html
www.openwall.com/lists/oss-security/2010/09/28/4
www.securityfocus.com/archive/1/514009/100/0/threaded
www.ubuntu.com/usn/usn-1104-1/
www.vupen.com/english/advisories/2010/2517
www.vupen.com/english/advisories/2010/2518
www.vupen.com/english/advisories/2011/1241
bugzilla.redhat.com/show_bug.cgi?id=635775