The zlib_refill function in libavformat/swfdec.c in FFmpeg prior to 3.1.3 allows remote malicious users to cause an infinite loop denial of service via a crafted SWF file.
ffmpeg ffmpeg