Use-after-free Vulnerability in Cisco OpenH264 Media Decoder
CVE-2014-8002

Currently unrated

Key Information:

Vendor: Cisco
Status: Openh264
Vendor: CVE Published:; 25 November 2014

Summary

The use-after-free vulnerability in Cisco OpenH264 affects versions 1.2.0 and earlier, allowing attackers to exploit encoded media files. By leveraging this vulnerability, remote attackers can potentially execute arbitrary code on the affected system when the media file is processed. This highlights the importance of updating to secure versions and implementing robust security measures to safeguard against exploitation.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

https://github.com/cisco/openh264/pull/1096/files

x_refsource_CONFIRM

Timeline

Vulnerability published
Nov 25, 2014
Vulnerability Reserved
Oct 8, 2014