From $URL :

Description
Multiple vulnerabilities with unknown impacts have been reported in FFmpeg. The vulnerabilities are caused due to unspecified errors. No further information is currently available. The vulnerabilities are reported in versions prior to 1.0.2.

Solution
Update to version 1.0.2.

Provided and/or discovered by
Reported by the vendor.

Original Advisory
http://freecode.com/projects/ffmpeg/releases/351527
Nothing in the 1.0 branch <1.0.2 is in tree.
This issue was resolved and addressed in GLSA 201310-12 at http://security.gentoo.org/glsa/glsa-201310-12.xml by GLSA coordinator Sean Amoss (ackle).
CVE-2012-6618 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6618):
The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack of sufficient "frames to estimate rate."

CVE-2012-6617 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6617):
The prepare_sdp_description function in ffserver.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (crash) via vectors related to the rtp format.

CVE-2012-6616 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6616):
The mov_text_decode_frame function in libavcodec/movtextdec.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via crafted 3GPP TS 26.245 data.

CVE-2012-6615 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6615):
The ff_ass_split_override_codes function in libavcodec/ass_split.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a subtitle dialog without text.