[Bug 1086647] VUL-1: CVE-2017-18242: The apply_dependent_coupling function in libavcodec/aacdec.c allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file.