Multiple vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to cause a Denial of Service and potentially compromise a user’s system, according to Secunia.
The vulnerabilities are caused due to various errors within the 4xm, ADPCM IMA Electronic Arts EACS, ANM, Delphine Software International CIN, Electronic Arts CMV, PTX, QDM2, QuickDraw, TIFF, Tiertex Limited SEQ, aac, bink, flic, h264, indeo2, jpeg 2000, mpc v8, rasterfile, shorten, sun raster, vmd audio, vmd video, wmapro, wmavoice, and xan decoders, the 4X Technologies, Deluxe Paint Animation, avi, and avs demuxers, the libx264 interface to the x264 encoder, the unsharp filter, and the mov muxer, which can be exploited to e.g. cause NULL pointer dereferences, out-of-bounds reads and writes, double-frees, and buffer overflows via e.g. specially crafted media content.
The vulnerabilities are reported in versions prior to 0.7.6 and 0.8.5.
Solution: Update to version 0.7.6 and 0.8.5.