Buffer overflow in decode.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file.
https://github.com/cisco/openh264/pull/1088/files
http://tools.cisco.com/security/center/viewAlert.x?alertId=36500