Heap-based buffer overflow in the avfilter_filter_samples function in libavfilter/avfilter.c in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (application crash) via a crafted media file.
http://www.openwall.com/lists/oss-security/2012/02/14/4
http://www.openwall.com/lists/oss-security/2012/02/01/11
http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=ae21776207e8a2bbe268e7c9e203f7599dd87ddb