Buffer Overflow Vulnerability in Cisco OpenH264
CVE-2014-8001

Currently unrated

Key Information:

Vendor: Cisco
Status: Openh264
Vendor: CVE Published:; 25 November 2014

Summary

A buffer overflow vulnerability exists in decode.cpp of Cisco OpenH264 versions 1.2.0 and earlier. This flaw can be exploited by remote attackers who craft specific encoded media files, enabling them to execute arbitrary code within the context of the affected application. This could potentially allow attackers to manipulate system operations or gain unauthorized access to sensitive data.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

https://github.com/cisco/openh264/pull/1088/files

x_refsource_CONFIRM

Timeline

Vulnerability published
Nov 25, 2014
Vulnerability Reserved
Oct 8, 2014