DescriptionThe av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack of sufficient "frames to estimate rate."
Overall state of this security issue: Does not affect SUSE products
This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.
|National Vulnerability Database
List of released packages
|Fixed package version(s)
openSUSE Tumbleweed GA libav-tools-12.3-1.17
SUSE Timeline for this CVECVE page created: Tue Dec 24 23:15:09 2013
CVE page last modified: Fri Oct 7 12:46:22 2022