CVE-2014-8002

Cisco OpenH264 < 1.2.0 - Use-After-Free in decode_slice.cpp

Title source: llm
STIX 2.1

Description

Use-after-free vulnerability in decode_slice.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file.

References (2)

Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
http://tools.cisco.com/security/center/viewAlert.x?alertId=36501

Scores

EPSS 0.0224
EPSS Percentile 80.8%

Details

CWE
CWE-119
Status published
Products (1)
cisco/openh264 < 1.2.0
Published Nov 25, 2014
Tracked Since Feb 18, 2026