CVE 2012-2798
Unspecified vulnerability in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array write."
Related bugs and status
CVE-2012-2798 (Candidate) is related to these bugs:
Bug #1075593: October 2012 libav security tracking bug
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1075593 | October 2012 libav security tracking bug | libav (Ubuntu) | Medium | Fix Released | ||
| 1075593 | October 2012 libav security tracking bug | libav (Ubuntu Oneiric) | Medium | Invalid | ||
| 1075593 | October 2012 libav security tracking bug | libav (Ubuntu Precise) | Medium | Fix Released | ||
| 1075593 | October 2012 libav security tracking bug | libav (Ubuntu Quantal) | Medium | Fix Released | ||
| 1075593 | October 2012 libav security tracking bug | libav (Ubuntu Raring) | Medium | Fix Released | ||
Bug #1078124: updating issues with [USN-1630-1] Libav vulnerabilities and Medibuntu packages
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1078124 | updating issues with [USN-1630-1] Libav vulnerabilities and Medibuntu packages | Medibuntu | Undecided | Fix Released | ||
Bug #1101829: Missing alternative libavutil-exta-51 dependency
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1101829 | Missing alternative libavutil-exta-51 dependency | libav (Ubuntu) | Undecided | Fix Released | ||
Bug #1104019: January 2013 libav security tracking bug
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1104019 | January 2013 libav security tracking bug | libav (Ubuntu) | Undecided | Fix Released | ||
| 1104019 | January 2013 libav security tracking bug | libav (Ubuntu Oneiric) | Undecided | Fix Released | ||
| 1104019 | January 2013 libav security tracking bug | libav (Ubuntu Precise) | Undecided | Fix Released | ||
| 1104019 | January 2013 libav security tracking bug | libav (Ubuntu Raring) | Undecided | Fix Released | ||
| 1104019 | January 2013 libav security tracking bug | libav (Ubuntu Quantal) | Undecided | Fix Released | ||
Bug #1143929: Devel dependencies are too strict for libav-extra packages
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1143929 | Devel dependencies are too strict for libav-extra packages | libav (Ubuntu) | Undecided | Fix Released | ||
Bug #1160734: Merge Libav 0.8.6-1 from unstable
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1160734 | Merge Libav 0.8.6-1 from unstable | libav (Ubuntu) | High | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
