CVE-2012-0854

Name of the Vulnerable Software and Affected Versions FFmpeg versions prior to 0.9.1

Description The issue is related to the dpcm decode frame function in libavcodec/dpcm.c, which does not properly handle a pointer after an audio API change. This can be exploited by remote attackers to cause a denial of service, resulting in an application crash due to a heap-based buffer overflow.

Recommendations For versions prior to 0.9.1, update to version 0.9.1 or later to resolve the issue. As a temporary workaround, consider restricting access to audio decoding functions to minimize the risk of exploitation.