CVE-2018-12460

Name of the Vulnerable Software and Affected Versions FFmpeg version 4.0

Description The issue is related to a NULL pointer dereference in libavcodec when the studio profile is incorrectly detected while converting a crafted AVI file to MPEG4. This can lead to a denial of service. The problem is associated with the files idctdsp.c and mpegvideo.c.

Recommendations For FFmpeg version 4.0, consider updating to a newer version that contains a fix for this issue, as the current version may trigger a denial of service when converting specific AVI files to MPEG4. At the moment, there is no information about a newer version that contains a fix for this vulnerability.