CVE-2014-8002
Cisco OpenH264 < 1.2.0 - Use-After-Free in decode_slice.cpp
Title source: llmDescription
Use-after-free vulnerability in decode_slice.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
http://tools.cisco.com/security/center/viewAlert.x?alertId=36501
Patch x_refsource_confirm
https://github.com/cisco/openh264/pull/1096/files
Scores
EPSS
0.0224
EPSS Percentile
80.8%
Details
CWE
CWE-119
Status
published
Products (1)
cisco/openh264
< 1.2.0
Published
Nov 25, 2014
Tracked Since
Feb 18, 2026