FFmpeg and Libav contain a flaw in the decode_byterun() function in libavcodec/iff.c. With a specially crafted file, a context-dependent attacker can trigger use of uninitialized memory, leading to an unspecified impact. No further details have been provided by the vendor.