Launchpad CVE tracker

CVE 2012-2791

Multiple unspecified vulnerabilities in the (1) decode_band_hdr function in indeo4.c and (2) ff_ivi_decode_blocks function in ivi_common.c in libavcodec/ in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, have unknown impact and attack vectors, related to the "transform size."

Related bugs and status

CVE-2012-2791 (Candidate) is related to these bugs:

Bug #1101829: Missing alternative libavutil-exta-51 dependency

Summary				In	Importance	Status
	1101829	Missing alternative libavutil-exta-51 dependency		libav (Ubuntu)	Undecided	Fix Released

Bug #1104019: January 2013 libav security tracking bug

		In	Importance	Status
1104019	January 2013 libav security tracking bug	libav (Ubuntu)	Undecided	Fix Released
1104019	January 2013 libav security tracking bug	libav (Ubuntu Oneiric)	Undecided	Fix Released
1104019	January 2013 libav security tracking bug	libav (Ubuntu Precise)	Undecided	Fix Released
1104019	January 2013 libav security tracking bug	libav (Ubuntu Raring)	Undecided	Fix Released
1104019	January 2013 libav security tracking bug	libav (Ubuntu Quantal)	Undecided	Fix Released

Bug #1143929: Devel dependencies are too strict for libav-extra packages

Summary				In	Importance	Status
	1143929	Devel dependencies are too strict for libav-extra packages		libav (Ubuntu)	Undecided	Fix Released

Bug #1160734: Merge Libav 0.8.6-1 from unstable

Summary				In	Importance	Status
	1160734	Merge Libav 0.8.6-1 from unstable		libav (Ubuntu)	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2012-2791

References