An issue exists in Jave2 version 3.3.1, allows malicious users to execute arbitrary code via the FFmpeg function.
aarboard jave2 3.3.1