CVE 2012-2802
Unspecified vulnerability in the ac3_decode_frame function in libavcodec/ac3dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "number of output channels" and "out of array writes."
Related bugs and status
CVE-2012-2802 (Candidate) is related to these bugs:
Bug #1075593: October 2012 libav security tracking bug
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1075593 | October 2012 libav security tracking bug | libav (Ubuntu) | Medium | Fix Released | ||
| 1075593 | October 2012 libav security tracking bug | libav (Ubuntu Oneiric) | Medium | Invalid | ||
| 1075593 | October 2012 libav security tracking bug | libav (Ubuntu Precise) | Medium | Fix Released | ||
| 1075593 | October 2012 libav security tracking bug | libav (Ubuntu Quantal) | Medium | Fix Released | ||
| 1075593 | October 2012 libav security tracking bug | libav (Ubuntu Raring) | Medium | Fix Released | ||
Bug #1078124: updating issues with [USN-1630-1] Libav vulnerabilities and Medibuntu packages
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1078124 | updating issues with [USN-1630-1] Libav vulnerabilities and Medibuntu packages | Medibuntu | Undecided | Fix Released | ||
Bug #1101829: Missing alternative libavutil-exta-51 dependency
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1101829 | Missing alternative libavutil-exta-51 dependency | libav (Ubuntu) | Undecided | Fix Released | ||
Bug #1104019: January 2013 libav security tracking bug
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1104019 | January 2013 libav security tracking bug | libav (Ubuntu) | Undecided | Fix Released | ||
| 1104019 | January 2013 libav security tracking bug | libav (Ubuntu Oneiric) | Undecided | Fix Released | ||
| 1104019 | January 2013 libav security tracking bug | libav (Ubuntu Precise) | Undecided | Fix Released | ||
| 1104019 | January 2013 libav security tracking bug | libav (Ubuntu Raring) | Undecided | Fix Released | ||
| 1104019 | January 2013 libav security tracking bug | libav (Ubuntu Quantal) | Undecided | Fix Released | ||
Bug #1143929: Devel dependencies are too strict for libav-extra packages
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1143929 | Devel dependencies are too strict for libav-extra packages | libav (Ubuntu) | Undecided | Fix Released | ||
Bug #1160734: Merge Libav 0.8.6-1 from unstable
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1160734 | Merge Libav 0.8.6-1 from unstable | libav (Ubuntu) | High | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
