The av_probe_input_buffer function in libavformat/utils.c in FFmpeg prior to 1.0.2, when running with certain -probesize values, allows remote malicious users to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack of sufficient "frames to estimate rate."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ffmpeg ffmpeg 1.0 |
||
ffmpeg ffmpeg |