The ff_ass_split_override_codes function in libavcodec/ass_split.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a subtitle dialog without text.
"CWE-476: NULL Pointer Dereference"
AC:M for notation of file in bug report
" ffmpeg crashes reproducibly when converting files with some subtitles.
i've seen the crash with self-compiled ffmpeg 1.0 as well as the Mac OS X binary (linked to from the hompage) for 1.0.1.
download the sample file:
CVSS 3.x Severity and Metrics:
NVD score not yet provided.
CVSS 2.0 Severity and Metrics: