Buffer overflow in the rle_decode function in libavcodec/sanm.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via crafted LucasArts Smush video data.Referenceshttp://www.ffmpeg.org/security.htmlhttps://security.gentoo.org/glsa/201603-06http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=62c9beda0c189db5cb61fa772057e3af9521f293http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=89e16e675d3cbe76cf4581f98bf4ac300cab0286
