VYPR

Ekiga

by Ekiga

CVEs (7)

  • CVE-2007-4924Oct 8, 2007
    risk 0.04cvss epss 0.11

    The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \0…

  • CVE-2007-4897Sep 14, 2007
    risk 0.04cvss epss 0.11

    pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in…

  • CVE-2007-1007Feb 20, 2007
    risk 0.01cvss epss 0.07

    Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function.

  • CVE-2012-5621Sep 29, 2014
    risk 0.00cvss epss 0.03

    lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings.

  • CVE-2013-1864May 23, 2014
    risk 0.00cvss epss 0.03

    The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large…

  • CVE-2007-0999Mar 10, 2007
    risk 0.00cvss epss 0.03

    Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2007-1006.

  • CVE-2007-1006Feb 20, 2007
    risk 0.00cvss epss 0.04

    Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet.

VYPR — Vulnerability Intelligence