Launchpad.net

CVE 2012-0852

The adpcm_decode_frame function in adpcm.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an ADPCM file with the number of channels not equal to two.

Related bugs and status

CVE-2012-0852 (Candidate) is related to these bugs:

Bug #1012132: June libav/ffmpeg security update tracking bug

		In	Importance	Status
1012132	June libav/ffmpeg security update tracking bug	libav (Ubuntu)	Medium	Fix Released
1012132	June libav/ffmpeg security update tracking bug	libav (Ubuntu Lucid)	Undecided	Invalid
1012132	June libav/ffmpeg security update tracking bug	libav (Ubuntu Natty)	Medium	Fix Released
1012132	June libav/ffmpeg security update tracking bug	libav (Ubuntu Quantal)	Medium	Fix Released
1012132	June libav/ffmpeg security update tracking bug	libav (Ubuntu Precise)	Medium	Fix Released
1012132	June libav/ffmpeg security update tracking bug	libav (Ubuntu Oneiric)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2012-0852

Related bugs and status

Related bugs

References