CVE-2012-0859

Name of the Vulnerable Software and Affected Versions FFmpeg versions prior to 0.9.1

Description The issue is related to the render line function in the vorbis codec of libavcodec, which allows remote attackers to cause a denial of service, potentially leading to application crashes, and possibly execute arbitrary code via a crafted Vorbis file. This is due to a large multiplier and is a result of an incomplete fix for a previous issue.

Recommendations For versions prior to 0.9.1, update to version 0.9.1 or later to resolve the issue. As a temporary workaround, consider avoiding the use of crafted Vorbis files to minimize the risk of exploitation.