Описание
flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.6 (включая)
Одновременно
cpe:2.3:a:ffmpeg:libavcodec:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*
Конфигурация 2Версия до 1.0 (включая)
Одновременно
cpe:2.3:a:ffmpeg:libavcodec:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:a:mplayerhq:mplayer:*:rc3:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.01:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.02:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.05:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.06:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.07:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.08:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.09:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.09:pre3:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.10:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.10:pre1:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.10:pre2:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.10:pre3:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.10:pre4:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.10:pre5:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.10:pre6:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.10:pre7:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre10:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre11:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre12:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre13:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre14:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre15:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre16:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre17:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre18:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre19:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre2:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre20:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre21:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre22:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre23:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre24:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre3:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre4:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre5:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre6:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre7:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre8:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.11:pre9:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.17_idegcounter:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.17a_idegcounter:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.18:pre1:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.18:pre2:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.18:pre3:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.18:pre4:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.18:pre5:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.50:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.50:pre1:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.50:pre2:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.50:pre3:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.60:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.60:pre1:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.60:pre2:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:pre1:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:pre10:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:pre2:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:pre3:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:pre4:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:pre5:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:pre6:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:pre7:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:pre8:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:pre9:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:rc1:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:rc2:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:rc3:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:rc3-pre1:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:rc3-pre2:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:rc3-pre3:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:rc4:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.90:rc5:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.91:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.92:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.92.1:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:0.93:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:1.0:pre1:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:1.0:pre2:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:1.0:pre3:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:1.0:pre3try2:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:1.0:pre4:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:1.0:pre5:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:1.0:pre5try2:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:1.0:pre6:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:1.0:pre6a:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:1.0:pre7:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:1.0:pre7try2:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:1.0:pre8:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:1.0:rc2:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04993
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-94
Связанные уязвимости
ubuntu
почти 15 лет назад
flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."
debian
почти 15 лет назад
flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlaye ...
github
около 3 лет назад
flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."
fstec
почти 15 лет назад
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
Процентиль: 89%
0.04993
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-94