CVE 2012-2802
Unspecified vulnerability in the ac3_decode_frame function in libavcodec/ac3dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "number of output channels" and "out of array writes."
Related bugs and status
CVE-2012-2802 (Candidate) is related to these bugs:
Bug #1075593: October 2012 libav security tracking bug
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1075593 | October 2012 libav security tracking bug | libav (Ubuntu) | Medium | Fix Released | ||
1075593 | October 2012 libav security tracking bug | libav (Ubuntu Oneiric) | Medium | Invalid | ||
1075593 | October 2012 libav security tracking bug | libav (Ubuntu Precise) | Medium | Fix Released | ||
1075593 | October 2012 libav security tracking bug | libav (Ubuntu Quantal) | Medium | Fix Released | ||
1075593 | October 2012 libav security tracking bug | libav (Ubuntu Raring) | Medium | Fix Released |
Bug #1078124: updating issues with [USN-1630-1] Libav vulnerabilities and Medibuntu packages
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1078124 | updating issues with [USN-1630-1] Libav vulnerabilities and Medibuntu packages | Medibuntu | Undecided | Fix Released |
Bug #1101829: Missing alternative libavutil-exta-51 dependency
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1101829 | Missing alternative libavutil-exta-51 dependency | libav (Ubuntu) | Undecided | Fix Released |
Bug #1104019: January 2013 libav security tracking bug
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1104019 | January 2013 libav security tracking bug | libav (Ubuntu) | Undecided | Fix Released | ||
1104019 | January 2013 libav security tracking bug | libav (Ubuntu Oneiric) | Undecided | Fix Released | ||
1104019 | January 2013 libav security tracking bug | libav (Ubuntu Precise) | Undecided | Fix Released | ||
1104019 | January 2013 libav security tracking bug | libav (Ubuntu Raring) | Undecided | Fix Released | ||
1104019 | January 2013 libav security tracking bug | libav (Ubuntu Quantal) | Undecided | Fix Released |
Bug #1143929: Devel dependencies are too strict for libav-extra packages
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1143929 | Devel dependencies are too strict for libav-extra packages | libav (Ubuntu) | Undecided | Fix Released |
Bug #1160734: Merge Libav 0.8.6-1 from unstable
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1160734 | Merge Libav 0.8.6-1 from unstable | libav (Ubuntu) | High | Fix Released |
See the
CVE page on Mitre.org
for more details.