CVE-2014-8002

Currently unrated

Key Information:

Vendor: Cisco
Status: Openh264
Vendor: CVE Published:; 25 November 2014

Summary

Use-after-free vulnerability in decode_slice.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

https://github.com/cisco/openh264/pull/1096/files

x_refsource_CONFIRM

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 25, 2014
Vulnerability Reserved
Oct 8, 2014