ffmpeg -- remote attacker can access local files
Arch Linux reports:
ffmpeg has a vulnerability in the current version that allows the
attacker to create a specially crafted video file, downloading which
will send files from a user PC to a remote attacker server. The
attack does not even require the user to open that file — for
example, KDE Dolphin thumbnail generation is enough.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright