Ekiga
by Ekiga
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-4924 | 0.04 | — | 0.11 | Oct 8, 2007 | The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \0… | |||
| CVE-2007-4897 | 0.04 | — | 0.11 | Sep 14, 2007 | pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in… | |||
| CVE-2007-1007 | 0.01 | — | 0.07 | Feb 20, 2007 | Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function. | |||
| CVE-2012-5621 | 0.00 | — | 0.03 | Sep 29, 2014 | lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings. | |||
| CVE-2013-1864 | 0.00 | — | 0.03 | May 23, 2014 | The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large… | |||
| CVE-2007-0999 | 0.00 | — | 0.03 | Mar 10, 2007 | Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2007-1006. | |||
| CVE-2007-1006 | 0.00 | — | 0.04 | Feb 20, 2007 | Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet. |
- CVE-2007-4924Oct 8, 2007risk 0.04cvss —epss 0.11
The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \0…
- CVE-2007-4897Sep 14, 2007risk 0.04cvss —epss 0.11
pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in…
- CVE-2007-1007Feb 20, 2007risk 0.01cvss —epss 0.07
Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function.
- CVE-2012-5621Sep 29, 2014risk 0.00cvss —epss 0.03
lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings.
- CVE-2013-1864May 23, 2014risk 0.00cvss —epss 0.03
The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large…
- CVE-2007-0999Mar 10, 2007risk 0.00cvss —epss 0.03
Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2007-1006.
- CVE-2007-1006Feb 20, 2007risk 0.00cvss —epss 0.04
Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet.