CVE-2012-6618

EPSS 1.0%

libav - security update

Published: 12/24/2013Modified: 4/28/2026

Also known as:DEBIAN-CVE-2012-6618

Description

The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack of sufficient "frames to estimate rate."

Affected packages (2)

Debian/ffmpegfrom 0, < 7:2.4.1-1
Debian/libavfrom 0, < 6:0.8.12-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-6618