The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec (ALAC) data, related to a large nb_samples value.
http://www.ffmpeg.org/security.html
http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=fd4f4923cce6a2cbf4f48640b4ac706e614a1594