Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
14 vulnerabilities found for ekiga by ekiga
CVE-2011-1830 (GCVE-0-2011-1830)
Vulnerability from nvd – Published: 2019-04-22 15:35 – Updated: 2024-09-17 00:35
VLAI?
Title
Ekiga attempts to dlopen /tmp/ekiga_test.so
Summary
Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so.
Severity ?
5.7 (Medium)
CWE
- Accidentally enabled debugging code.
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Date Public ?
2009-07-01 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:25.835Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gitlab.gnome.org/GNOME/ekiga/commit/02654fc949722a78d41fcffac8687d73d8574647"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Ekiga",
"vendor": "Gnome",
"versions": [
{
"lessThan": "3.3.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Robert Collins"
}
],
"datePublic": "2009-07-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Accidentally enabled debugging code.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-22T15:35:58.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gitlab.gnome.org/GNOME/ekiga/commit/02654fc949722a78d41fcffac8687d73d8574647"
}
],
"source": {
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/ekiga/+bug/791652"
],
"discovery": "INTERNAL"
},
"title": "Ekiga attempts to dlopen /tmp/ekiga_test.so",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2009-07-01T00:00:00.000Z",
"ID": "CVE-2011-1830",
"STATE": "PUBLIC",
"TITLE": "Ekiga attempts to dlopen /tmp/ekiga_test.so"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ekiga",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "3.3.0"
}
]
}
}
]
},
"vendor_name": "Gnome"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Robert Collins"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Accidentally enabled debugging code."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gitlab.gnome.org/GNOME/ekiga/commit/02654fc949722a78d41fcffac8687d73d8574647",
"refsource": "MISC",
"url": "https://gitlab.gnome.org/GNOME/ekiga/commit/02654fc949722a78d41fcffac8687d73d8574647"
}
]
},
"source": {
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/ekiga/+bug/791652"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2011-1830",
"datePublished": "2019-04-22T15:35:58.768Z",
"dateReserved": "2011-04-27T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:35:49.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5621 (GCVE-0-2012-5621)
Vulnerability from nvd – Published: 2014-09-29 22:00 – Updated: 2024-08-06 21:14
VLAI?
Summary
lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2012-10-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:14:16.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_5621_denial_of"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=883058"
},
{
"name": "FEDORA-2013-2998",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/pipermail/package-announce/2013-March/099554.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ftp.gnome.org/pub/gnome/sources/ekiga/4.0/ekiga-4.0.0.news"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.gnome.org/browse/ekiga/commit/?id=7d09807257"
},
{
"name": "ekiga-utf8-dos(80640)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80640"
},
{
"name": "56790",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/56790"
},
{
"name": "[oss-security] 20121203 Re: CVE Request -- Ekiga (x \u003c 4.0.0): DoS (crash) after receiving call from other party with not UTF-8 valid name",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2012/q4/407"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_5621_denial_of"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=883058"
},
{
"name": "FEDORA-2013-2998",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/pipermail/package-announce/2013-March/099554.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ftp.gnome.org/pub/gnome/sources/ekiga/4.0/ekiga-4.0.0.news"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.gnome.org/browse/ekiga/commit/?id=7d09807257"
},
{
"name": "ekiga-utf8-dos(80640)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80640"
},
{
"name": "56790",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/56790"
},
{
"name": "[oss-security] 20121203 Re: CVE Request -- Ekiga (x \u003c 4.0.0): DoS (crash) after receiving call from other party with not UTF-8 valid name",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2012/q4/407"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5621",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_5621_denial_of",
"refsource": "CONFIRM",
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_5621_denial_of"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=883058",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=883058"
},
{
"name": "FEDORA-2013-2998",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/pipermail/package-announce/2013-March/099554.html"
},
{
"name": "http://ftp.gnome.org/pub/gnome/sources/ekiga/4.0/ekiga-4.0.0.news",
"refsource": "CONFIRM",
"url": "http://ftp.gnome.org/pub/gnome/sources/ekiga/4.0/ekiga-4.0.0.news"
},
{
"name": "https://git.gnome.org/browse/ekiga/commit/?id=7d09807257",
"refsource": "CONFIRM",
"url": "https://git.gnome.org/browse/ekiga/commit/?id=7d09807257"
},
{
"name": "ekiga-utf8-dos(80640)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80640"
},
{
"name": "56790",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56790"
},
{
"name": "[oss-security] 20121203 Re: CVE Request -- Ekiga (x \u003c 4.0.0): DoS (crash) after receiving call from other party with not UTF-8 valid name",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2012/q4/407"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-5621",
"datePublished": "2014-09-29T22:00:00.000Z",
"dateReserved": "2012-10-24T00:00:00.000Z",
"dateUpdated": "2024-08-06T21:14:16.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-1864 (GCVE-0-2013-1864)
Vulnerability from nvd – Published: 2014-05-23 14:00 – Updated: 2024-08-06 15:20
VLAI?
Summary
The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a "billion laughs attack."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Date Public ?
2013-01-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:35.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "52659",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/52659"
},
{
"name": "SUSE-SU-2014:0237",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140237-1.html"
},
{
"name": "ptlib-xml-dos(82885)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82885"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available"
},
{
"name": "FEDORA-2013-2998",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html"
},
{
"name": "91439",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/91439"
},
{
"name": "[oss-security] 20130315 Re: CVE request: billion laughs flaw in ptlib",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2013/q1/674"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/opalvoip/code/28856"
},
{
"name": "58520",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/58520"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a \"billion laughs attack.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "52659",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/52659"
},
{
"name": "SUSE-SU-2014:0237",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140237-1.html"
},
{
"name": "ptlib-xml-dos(82885)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82885"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available"
},
{
"name": "FEDORA-2013-2998",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html"
},
{
"name": "91439",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/91439"
},
{
"name": "[oss-security] 20130315 Re: CVE request: billion laughs flaw in ptlib",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2013/q1/674"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/opalvoip/code/28856"
},
{
"name": "58520",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/58520"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-1864",
"datePublished": "2014-05-23T14:00:00.000Z",
"dateReserved": "2013-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:20:35.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4924 (GCVE-0-2007-4924)
Vulnerability from nvd – Published: 2007-10-08 21:00 – Updated: 2024-08-07 15:08
VLAI?
Summary
The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \0 byte to be written to an "attacker-controlled address."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
Date Public ?
2007-09-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:08:34.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27118",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27118"
},
{
"name": "27271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27271"
},
{
"name": "1018776",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018776"
},
{
"name": "25955",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25955"
},
{
"name": "27129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27129"
},
{
"name": "MDKSA-2007:205",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:205"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=296371"
},
{
"name": "28380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28380"
},
{
"name": "41637",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41637"
},
{
"name": "RHSA-2007:0957",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0957.html"
},
{
"name": "[ekiga-list] 20070917 [ANNOUNCE] Ekiga 2.0.10 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail.gnome.org/archives/ekiga-list/2007-September/msg00103.html"
},
{
"name": "USN-562-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-562-1"
},
{
"name": "oval:org.mitre.oval:def:11398",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11398"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.s21sec.com/avisos/s21sec-037-en.txt"
},
{
"name": "20071011 S21SEC-037-en: OPAL SIP Protocol Remote Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/482120/30/4500/threaded"
},
{
"name": "SUSE-SR:2007:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html"
},
{
"name": "ADV-2007-3413",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3413"
},
{
"name": "ADV-2007-3414",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3414"
},
{
"name": "9240",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/9240"
},
{
"name": "27524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27524"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sippdu.cxx?r1=2.83.2.19\u0026r2=2.83.2.20"
},
{
"name": "27128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27128"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \\0 byte to be written to an \"attacker-controlled address.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27118",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27118"
},
{
"name": "27271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27271"
},
{
"name": "1018776",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018776"
},
{
"name": "25955",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25955"
},
{
"name": "27129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27129"
},
{
"name": "MDKSA-2007:205",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:205"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=296371"
},
{
"name": "28380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28380"
},
{
"name": "41637",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41637"
},
{
"name": "RHSA-2007:0957",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0957.html"
},
{
"name": "[ekiga-list] 20070917 [ANNOUNCE] Ekiga 2.0.10 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail.gnome.org/archives/ekiga-list/2007-September/msg00103.html"
},
{
"name": "USN-562-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-562-1"
},
{
"name": "oval:org.mitre.oval:def:11398",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11398"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.s21sec.com/avisos/s21sec-037-en.txt"
},
{
"name": "20071011 S21SEC-037-en: OPAL SIP Protocol Remote Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/482120/30/4500/threaded"
},
{
"name": "SUSE-SR:2007:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html"
},
{
"name": "ADV-2007-3413",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3413"
},
{
"name": "ADV-2007-3414",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3414"
},
{
"name": "9240",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/9240"
},
{
"name": "27524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27524"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sippdu.cxx?r1=2.83.2.19\u0026r2=2.83.2.20"
},
{
"name": "27128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27128"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4924",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \\0 byte to be written to an \"attacker-controlled address.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27118",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27118"
},
{
"name": "27271",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27271"
},
{
"name": "1018776",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018776"
},
{
"name": "25955",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25955"
},
{
"name": "27129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27129"
},
{
"name": "MDKSA-2007:205",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:205"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=296371",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=296371"
},
{
"name": "28380",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28380"
},
{
"name": "41637",
"refsource": "OSVDB",
"url": "http://osvdb.org/41637"
},
{
"name": "RHSA-2007:0957",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0957.html"
},
{
"name": "[ekiga-list] 20070917 [ANNOUNCE] Ekiga 2.0.10 released",
"refsource": "MLIST",
"url": "http://mail.gnome.org/archives/ekiga-list/2007-September/msg00103.html"
},
{
"name": "USN-562-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-562-1"
},
{
"name": "oval:org.mitre.oval:def:11398",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11398"
},
{
"name": "http://www.s21sec.com/avisos/s21sec-037-en.txt",
"refsource": "MISC",
"url": "http://www.s21sec.com/avisos/s21sec-037-en.txt"
},
{
"name": "20071011 S21SEC-037-en: OPAL SIP Protocol Remote Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482120/30/4500/threaded"
},
{
"name": "SUSE-SR:2007:021",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html"
},
{
"name": "ADV-2007-3413",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3413"
},
{
"name": "ADV-2007-3414",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3414"
},
{
"name": "9240",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/9240"
},
{
"name": "27524",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27524"
},
{
"name": "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sippdu.cxx?r1=2.83.2.19\u0026r2=2.83.2.20",
"refsource": "CONFIRM",
"url": "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sippdu.cxx?r1=2.83.2.19\u0026r2=2.83.2.20"
},
{
"name": "27128",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27128"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4924",
"datePublished": "2007-10-08T21:00:00.000Z",
"dateReserved": "2007-09-17T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:08:34.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4897 (GCVE-0-2007-4897)
Vulnerability from nvd – Published: 2007-09-14 18:00 – Updated: 2024-08-07 15:08
VLAI?
Summary
pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2007-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:08:33.970Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28385"
},
{
"name": "USN-561-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-561-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=292831"
},
{
"name": "20070912 S21SEC-036-EN Ekiga \u003c= 2.0.5 Denial of service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/479185/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.s21sec.com/2007/09/sobre-la-vulnerabilidad-del-ekiga.html"
},
{
"name": "1018683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018683"
},
{
"name": "27150",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27150"
},
{
"name": "3138",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3138"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sipcon.cxx?r1=2.120.2.25\u0026r2=2.120.2.26\u0026pathrev=v2_2_9"
},
{
"name": "20070912 S21SEC-036-EN Ekiga \u003c= 2.0.5 Denial of service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=118959114522339\u0026w=2"
},
{
"name": "ekiga-sipurlgethostaddress-dos(36568)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36568"
},
{
"name": "27127",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27127"
},
{
"name": "25642",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25642"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.s21sec.com/avisos/s21sec-036-en.txt"
},
{
"name": "27518",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27518"
},
{
"name": "oval:org.mitre.oval:def:10928",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10928"
},
{
"name": "MDKSA-2007:206",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:206"
},
{
"name": "RHSA-2007:0932",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0932.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a \"memory management flaw\". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "28385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28385"
},
{
"name": "USN-561-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-561-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=292831"
},
{
"name": "20070912 S21SEC-036-EN Ekiga \u003c= 2.0.5 Denial of service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/479185/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.s21sec.com/2007/09/sobre-la-vulnerabilidad-del-ekiga.html"
},
{
"name": "1018683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018683"
},
{
"name": "27150",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27150"
},
{
"name": "3138",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3138"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sipcon.cxx?r1=2.120.2.25\u0026r2=2.120.2.26\u0026pathrev=v2_2_9"
},
{
"name": "20070912 S21SEC-036-EN Ekiga \u003c= 2.0.5 Denial of service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=118959114522339\u0026w=2"
},
{
"name": "ekiga-sipurlgethostaddress-dos(36568)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36568"
},
{
"name": "27127",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27127"
},
{
"name": "25642",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25642"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.s21sec.com/avisos/s21sec-036-en.txt"
},
{
"name": "27518",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27518"
},
{
"name": "oval:org.mitre.oval:def:10928",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10928"
},
{
"name": "MDKSA-2007:206",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:206"
},
{
"name": "RHSA-2007:0932",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0932.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4897",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a \"memory management flaw\". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28385",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28385"
},
{
"name": "USN-561-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-561-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=292831",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=292831"
},
{
"name": "20070912 S21SEC-036-EN Ekiga \u003c= 2.0.5 Denial of service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/479185/100/0/threaded"
},
{
"name": "http://blog.s21sec.com/2007/09/sobre-la-vulnerabilidad-del-ekiga.html",
"refsource": "MISC",
"url": "http://blog.s21sec.com/2007/09/sobre-la-vulnerabilidad-del-ekiga.html"
},
{
"name": "1018683",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018683"
},
{
"name": "27150",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27150"
},
{
"name": "3138",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3138"
},
{
"name": "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sipcon.cxx?r1=2.120.2.25\u0026r2=2.120.2.26\u0026pathrev=v2_2_9",
"refsource": "MISC",
"url": "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sipcon.cxx?r1=2.120.2.25\u0026r2=2.120.2.26\u0026pathrev=v2_2_9"
},
{
"name": "20070912 S21SEC-036-EN Ekiga \u003c= 2.0.5 Denial of service",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=118959114522339\u0026w=2"
},
{
"name": "ekiga-sipurlgethostaddress-dos(36568)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36568"
},
{
"name": "27127",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27127"
},
{
"name": "25642",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25642"
},
{
"name": "http://www.s21sec.com/avisos/s21sec-036-en.txt",
"refsource": "MISC",
"url": "http://www.s21sec.com/avisos/s21sec-036-en.txt"
},
{
"name": "27518",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27518"
},
{
"name": "oval:org.mitre.oval:def:10928",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10928"
},
{
"name": "MDKSA-2007:206",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:206"
},
{
"name": "RHSA-2007:0932",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0932.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4897",
"datePublished": "2007-09-14T18:00:00.000Z",
"dateReserved": "2007-09-14T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:08:33.970Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1007 (GCVE-0-2007-1007)
Vulnerability from nvd – Published: 2007-02-20 17:00 – Updated: 2024-08-07 12:43
VLAI?
Summary
Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2007-02-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:21.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25119",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25119"
},
{
"name": "24271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24271"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=229266"
},
{
"name": "24284",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24284"
},
{
"name": "24379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24379"
},
{
"name": "SUSE-SR:2007:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_9_sr.html"
},
{
"name": "DSA-1262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1262"
},
{
"name": "24185",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24185"
},
{
"name": "RHSA-2007:0086",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0086.html"
},
{
"name": "32083",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32083"
},
{
"name": "oval:org.mitre.oval:def:11776",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11776"
},
{
"name": "MDKSA-2007:045",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:045"
},
{
"name": "20070201-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
},
{
"name": "USN-426-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-426-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "25119",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25119"
},
{
"name": "24271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24271"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=229266"
},
{
"name": "24284",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24284"
},
{
"name": "24379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24379"
},
{
"name": "SUSE-SR:2007:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_9_sr.html"
},
{
"name": "DSA-1262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1262"
},
{
"name": "24185",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24185"
},
{
"name": "RHSA-2007:0086",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0086.html"
},
{
"name": "32083",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32083"
},
{
"name": "oval:org.mitre.oval:def:11776",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11776"
},
{
"name": "MDKSA-2007:045",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:045"
},
{
"name": "20070201-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
},
{
"name": "USN-426-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-426-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-1007",
"datePublished": "2007-02-20T17:00:00.000Z",
"dateReserved": "2007-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:43:21.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1006 (GCVE-0-2007-1006)
Vulnerability from nvd – Published: 2007-02-20 00:00 – Updated: 2024-08-07 12:43
VLAI?
Summary
Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2007-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2007:044",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:044"
},
{
"name": "25119",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25119"
},
{
"name": "FEDORA-2007-262",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/cms/node/2682"
},
{
"name": "[Ekiga-list] 20070213 Ekiga 2.0.5 available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail.gnome.org/archives/ekiga-list/2007-February/msg00060.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://labs.musecurity.com/advisories/MU-200702-01.txt"
},
{
"name": "31939",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/31939"
},
{
"name": "22613",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22613"
},
{
"name": "24271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24271"
},
{
"name": "24379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24379"
},
{
"name": "SUSE-SR:2007:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_9_sr.html"
},
{
"name": "GLSA-200703-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-25.xml"
},
{
"name": "24228",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24228"
},
{
"name": "DSA-1262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1262"
},
{
"name": "oval:org.mitre.oval:def:11642",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11642"
},
{
"name": "24680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24680"
},
{
"name": "FEDORA-2007-263",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/cms/node/2683"
},
{
"name": "RHSA-2007:0087",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0087.html"
},
{
"name": "24229",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24229"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ekiga.org/index.php?rub=10\u0026archive=1"
},
{
"name": "24194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24194"
},
{
"name": "1017673",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017673"
},
{
"name": "ADV-2007-0655",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0655"
},
{
"name": "USN-426-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-426-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "MDKSA-2007:044",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:044"
},
{
"name": "25119",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25119"
},
{
"name": "FEDORA-2007-262",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/cms/node/2682"
},
{
"name": "[Ekiga-list] 20070213 Ekiga 2.0.5 available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail.gnome.org/archives/ekiga-list/2007-February/msg00060.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://labs.musecurity.com/advisories/MU-200702-01.txt"
},
{
"name": "31939",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/31939"
},
{
"name": "22613",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22613"
},
{
"name": "24271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24271"
},
{
"name": "24379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24379"
},
{
"name": "SUSE-SR:2007:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_9_sr.html"
},
{
"name": "GLSA-200703-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-25.xml"
},
{
"name": "24228",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24228"
},
{
"name": "DSA-1262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1262"
},
{
"name": "oval:org.mitre.oval:def:11642",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11642"
},
{
"name": "24680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24680"
},
{
"name": "FEDORA-2007-263",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/cms/node/2683"
},
{
"name": "RHSA-2007:0087",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0087.html"
},
{
"name": "24229",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24229"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ekiga.org/index.php?rub=10\u0026archive=1"
},
{
"name": "24194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24194"
},
{
"name": "1017673",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017673"
},
{
"name": "ADV-2007-0655",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0655"
},
{
"name": "USN-426-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-426-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-1006",
"datePublished": "2007-02-20T00:00:00.000Z",
"dateReserved": "2007-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:43:22.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1830 (GCVE-0-2011-1830)
Vulnerability from cvelistv5 – Published: 2019-04-22 15:35 – Updated: 2024-09-17 00:35
VLAI?
Title
Ekiga attempts to dlopen /tmp/ekiga_test.so
Summary
Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so.
Severity ?
5.7 (Medium)
CWE
- Accidentally enabled debugging code.
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Date Public ?
2009-07-01 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:25.835Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gitlab.gnome.org/GNOME/ekiga/commit/02654fc949722a78d41fcffac8687d73d8574647"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Ekiga",
"vendor": "Gnome",
"versions": [
{
"lessThan": "3.3.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Robert Collins"
}
],
"datePublic": "2009-07-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Accidentally enabled debugging code.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-22T15:35:58.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gitlab.gnome.org/GNOME/ekiga/commit/02654fc949722a78d41fcffac8687d73d8574647"
}
],
"source": {
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/ekiga/+bug/791652"
],
"discovery": "INTERNAL"
},
"title": "Ekiga attempts to dlopen /tmp/ekiga_test.so",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2009-07-01T00:00:00.000Z",
"ID": "CVE-2011-1830",
"STATE": "PUBLIC",
"TITLE": "Ekiga attempts to dlopen /tmp/ekiga_test.so"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ekiga",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "3.3.0"
}
]
}
}
]
},
"vendor_name": "Gnome"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Robert Collins"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Accidentally enabled debugging code."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gitlab.gnome.org/GNOME/ekiga/commit/02654fc949722a78d41fcffac8687d73d8574647",
"refsource": "MISC",
"url": "https://gitlab.gnome.org/GNOME/ekiga/commit/02654fc949722a78d41fcffac8687d73d8574647"
}
]
},
"source": {
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/ekiga/+bug/791652"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2011-1830",
"datePublished": "2019-04-22T15:35:58.768Z",
"dateReserved": "2011-04-27T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:35:49.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5621 (GCVE-0-2012-5621)
Vulnerability from cvelistv5 – Published: 2014-09-29 22:00 – Updated: 2024-08-06 21:14
VLAI?
Summary
lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2012-10-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:14:16.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_5621_denial_of"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=883058"
},
{
"name": "FEDORA-2013-2998",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/pipermail/package-announce/2013-March/099554.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ftp.gnome.org/pub/gnome/sources/ekiga/4.0/ekiga-4.0.0.news"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.gnome.org/browse/ekiga/commit/?id=7d09807257"
},
{
"name": "ekiga-utf8-dos(80640)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80640"
},
{
"name": "56790",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/56790"
},
{
"name": "[oss-security] 20121203 Re: CVE Request -- Ekiga (x \u003c 4.0.0): DoS (crash) after receiving call from other party with not UTF-8 valid name",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2012/q4/407"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_5621_denial_of"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=883058"
},
{
"name": "FEDORA-2013-2998",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/pipermail/package-announce/2013-March/099554.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ftp.gnome.org/pub/gnome/sources/ekiga/4.0/ekiga-4.0.0.news"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.gnome.org/browse/ekiga/commit/?id=7d09807257"
},
{
"name": "ekiga-utf8-dos(80640)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80640"
},
{
"name": "56790",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/56790"
},
{
"name": "[oss-security] 20121203 Re: CVE Request -- Ekiga (x \u003c 4.0.0): DoS (crash) after receiving call from other party with not UTF-8 valid name",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2012/q4/407"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5621",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_5621_denial_of",
"refsource": "CONFIRM",
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_5621_denial_of"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=883058",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=883058"
},
{
"name": "FEDORA-2013-2998",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/pipermail/package-announce/2013-March/099554.html"
},
{
"name": "http://ftp.gnome.org/pub/gnome/sources/ekiga/4.0/ekiga-4.0.0.news",
"refsource": "CONFIRM",
"url": "http://ftp.gnome.org/pub/gnome/sources/ekiga/4.0/ekiga-4.0.0.news"
},
{
"name": "https://git.gnome.org/browse/ekiga/commit/?id=7d09807257",
"refsource": "CONFIRM",
"url": "https://git.gnome.org/browse/ekiga/commit/?id=7d09807257"
},
{
"name": "ekiga-utf8-dos(80640)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80640"
},
{
"name": "56790",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56790"
},
{
"name": "[oss-security] 20121203 Re: CVE Request -- Ekiga (x \u003c 4.0.0): DoS (crash) after receiving call from other party with not UTF-8 valid name",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2012/q4/407"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-5621",
"datePublished": "2014-09-29T22:00:00.000Z",
"dateReserved": "2012-10-24T00:00:00.000Z",
"dateUpdated": "2024-08-06T21:14:16.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-1864 (GCVE-0-2013-1864)
Vulnerability from cvelistv5 – Published: 2014-05-23 14:00 – Updated: 2024-08-06 15:20
VLAI?
Summary
The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a "billion laughs attack."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Date Public ?
2013-01-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:35.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "52659",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/52659"
},
{
"name": "SUSE-SU-2014:0237",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140237-1.html"
},
{
"name": "ptlib-xml-dos(82885)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82885"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available"
},
{
"name": "FEDORA-2013-2998",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html"
},
{
"name": "91439",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/91439"
},
{
"name": "[oss-security] 20130315 Re: CVE request: billion laughs flaw in ptlib",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2013/q1/674"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/opalvoip/code/28856"
},
{
"name": "58520",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/58520"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a \"billion laughs attack.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "52659",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/52659"
},
{
"name": "SUSE-SU-2014:0237",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140237-1.html"
},
{
"name": "ptlib-xml-dos(82885)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82885"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available"
},
{
"name": "FEDORA-2013-2998",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html"
},
{
"name": "91439",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/91439"
},
{
"name": "[oss-security] 20130315 Re: CVE request: billion laughs flaw in ptlib",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2013/q1/674"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/opalvoip/code/28856"
},
{
"name": "58520",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/58520"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-1864",
"datePublished": "2014-05-23T14:00:00.000Z",
"dateReserved": "2013-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:20:35.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4924 (GCVE-0-2007-4924)
Vulnerability from cvelistv5 – Published: 2007-10-08 21:00 – Updated: 2024-08-07 15:08
VLAI?
Summary
The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \0 byte to be written to an "attacker-controlled address."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2007-09-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:08:34.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27118",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27118"
},
{
"name": "27271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27271"
},
{
"name": "1018776",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018776"
},
{
"name": "25955",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25955"
},
{
"name": "27129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27129"
},
{
"name": "MDKSA-2007:205",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:205"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=296371"
},
{
"name": "28380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28380"
},
{
"name": "41637",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41637"
},
{
"name": "RHSA-2007:0957",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0957.html"
},
{
"name": "[ekiga-list] 20070917 [ANNOUNCE] Ekiga 2.0.10 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail.gnome.org/archives/ekiga-list/2007-September/msg00103.html"
},
{
"name": "USN-562-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-562-1"
},
{
"name": "oval:org.mitre.oval:def:11398",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11398"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.s21sec.com/avisos/s21sec-037-en.txt"
},
{
"name": "20071011 S21SEC-037-en: OPAL SIP Protocol Remote Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/482120/30/4500/threaded"
},
{
"name": "SUSE-SR:2007:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html"
},
{
"name": "ADV-2007-3413",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3413"
},
{
"name": "ADV-2007-3414",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3414"
},
{
"name": "9240",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/9240"
},
{
"name": "27524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27524"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sippdu.cxx?r1=2.83.2.19\u0026r2=2.83.2.20"
},
{
"name": "27128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27128"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \\0 byte to be written to an \"attacker-controlled address.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27118",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27118"
},
{
"name": "27271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27271"
},
{
"name": "1018776",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018776"
},
{
"name": "25955",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25955"
},
{
"name": "27129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27129"
},
{
"name": "MDKSA-2007:205",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:205"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=296371"
},
{
"name": "28380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28380"
},
{
"name": "41637",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41637"
},
{
"name": "RHSA-2007:0957",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0957.html"
},
{
"name": "[ekiga-list] 20070917 [ANNOUNCE] Ekiga 2.0.10 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail.gnome.org/archives/ekiga-list/2007-September/msg00103.html"
},
{
"name": "USN-562-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-562-1"
},
{
"name": "oval:org.mitre.oval:def:11398",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11398"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.s21sec.com/avisos/s21sec-037-en.txt"
},
{
"name": "20071011 S21SEC-037-en: OPAL SIP Protocol Remote Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/482120/30/4500/threaded"
},
{
"name": "SUSE-SR:2007:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html"
},
{
"name": "ADV-2007-3413",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3413"
},
{
"name": "ADV-2007-3414",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3414"
},
{
"name": "9240",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/9240"
},
{
"name": "27524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27524"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sippdu.cxx?r1=2.83.2.19\u0026r2=2.83.2.20"
},
{
"name": "27128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27128"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4924",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \\0 byte to be written to an \"attacker-controlled address.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27118",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27118"
},
{
"name": "27271",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27271"
},
{
"name": "1018776",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018776"
},
{
"name": "25955",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25955"
},
{
"name": "27129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27129"
},
{
"name": "MDKSA-2007:205",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:205"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=296371",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=296371"
},
{
"name": "28380",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28380"
},
{
"name": "41637",
"refsource": "OSVDB",
"url": "http://osvdb.org/41637"
},
{
"name": "RHSA-2007:0957",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0957.html"
},
{
"name": "[ekiga-list] 20070917 [ANNOUNCE] Ekiga 2.0.10 released",
"refsource": "MLIST",
"url": "http://mail.gnome.org/archives/ekiga-list/2007-September/msg00103.html"
},
{
"name": "USN-562-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-562-1"
},
{
"name": "oval:org.mitre.oval:def:11398",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11398"
},
{
"name": "http://www.s21sec.com/avisos/s21sec-037-en.txt",
"refsource": "MISC",
"url": "http://www.s21sec.com/avisos/s21sec-037-en.txt"
},
{
"name": "20071011 S21SEC-037-en: OPAL SIP Protocol Remote Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482120/30/4500/threaded"
},
{
"name": "SUSE-SR:2007:021",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html"
},
{
"name": "ADV-2007-3413",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3413"
},
{
"name": "ADV-2007-3414",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3414"
},
{
"name": "9240",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/9240"
},
{
"name": "27524",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27524"
},
{
"name": "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sippdu.cxx?r1=2.83.2.19\u0026r2=2.83.2.20",
"refsource": "CONFIRM",
"url": "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sippdu.cxx?r1=2.83.2.19\u0026r2=2.83.2.20"
},
{
"name": "27128",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27128"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4924",
"datePublished": "2007-10-08T21:00:00.000Z",
"dateReserved": "2007-09-17T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:08:34.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4897 (GCVE-0-2007-4897)
Vulnerability from cvelistv5 – Published: 2007-09-14 18:00 – Updated: 2024-08-07 15:08
VLAI?
Summary
pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2007-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:08:33.970Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28385"
},
{
"name": "USN-561-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-561-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=292831"
},
{
"name": "20070912 S21SEC-036-EN Ekiga \u003c= 2.0.5 Denial of service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/479185/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.s21sec.com/2007/09/sobre-la-vulnerabilidad-del-ekiga.html"
},
{
"name": "1018683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018683"
},
{
"name": "27150",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27150"
},
{
"name": "3138",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3138"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sipcon.cxx?r1=2.120.2.25\u0026r2=2.120.2.26\u0026pathrev=v2_2_9"
},
{
"name": "20070912 S21SEC-036-EN Ekiga \u003c= 2.0.5 Denial of service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=118959114522339\u0026w=2"
},
{
"name": "ekiga-sipurlgethostaddress-dos(36568)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36568"
},
{
"name": "27127",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27127"
},
{
"name": "25642",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25642"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.s21sec.com/avisos/s21sec-036-en.txt"
},
{
"name": "27518",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27518"
},
{
"name": "oval:org.mitre.oval:def:10928",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10928"
},
{
"name": "MDKSA-2007:206",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:206"
},
{
"name": "RHSA-2007:0932",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0932.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a \"memory management flaw\". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "28385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28385"
},
{
"name": "USN-561-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-561-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=292831"
},
{
"name": "20070912 S21SEC-036-EN Ekiga \u003c= 2.0.5 Denial of service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/479185/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.s21sec.com/2007/09/sobre-la-vulnerabilidad-del-ekiga.html"
},
{
"name": "1018683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018683"
},
{
"name": "27150",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27150"
},
{
"name": "3138",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3138"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sipcon.cxx?r1=2.120.2.25\u0026r2=2.120.2.26\u0026pathrev=v2_2_9"
},
{
"name": "20070912 S21SEC-036-EN Ekiga \u003c= 2.0.5 Denial of service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=118959114522339\u0026w=2"
},
{
"name": "ekiga-sipurlgethostaddress-dos(36568)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36568"
},
{
"name": "27127",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27127"
},
{
"name": "25642",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25642"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.s21sec.com/avisos/s21sec-036-en.txt"
},
{
"name": "27518",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27518"
},
{
"name": "oval:org.mitre.oval:def:10928",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10928"
},
{
"name": "MDKSA-2007:206",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:206"
},
{
"name": "RHSA-2007:0932",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0932.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4897",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a \"memory management flaw\". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28385",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28385"
},
{
"name": "USN-561-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-561-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=292831",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=292831"
},
{
"name": "20070912 S21SEC-036-EN Ekiga \u003c= 2.0.5 Denial of service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/479185/100/0/threaded"
},
{
"name": "http://blog.s21sec.com/2007/09/sobre-la-vulnerabilidad-del-ekiga.html",
"refsource": "MISC",
"url": "http://blog.s21sec.com/2007/09/sobre-la-vulnerabilidad-del-ekiga.html"
},
{
"name": "1018683",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018683"
},
{
"name": "27150",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27150"
},
{
"name": "3138",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3138"
},
{
"name": "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sipcon.cxx?r1=2.120.2.25\u0026r2=2.120.2.26\u0026pathrev=v2_2_9",
"refsource": "MISC",
"url": "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sipcon.cxx?r1=2.120.2.25\u0026r2=2.120.2.26\u0026pathrev=v2_2_9"
},
{
"name": "20070912 S21SEC-036-EN Ekiga \u003c= 2.0.5 Denial of service",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=118959114522339\u0026w=2"
},
{
"name": "ekiga-sipurlgethostaddress-dos(36568)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36568"
},
{
"name": "27127",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27127"
},
{
"name": "25642",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25642"
},
{
"name": "http://www.s21sec.com/avisos/s21sec-036-en.txt",
"refsource": "MISC",
"url": "http://www.s21sec.com/avisos/s21sec-036-en.txt"
},
{
"name": "27518",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27518"
},
{
"name": "oval:org.mitre.oval:def:10928",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10928"
},
{
"name": "MDKSA-2007:206",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:206"
},
{
"name": "RHSA-2007:0932",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0932.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4897",
"datePublished": "2007-09-14T18:00:00.000Z",
"dateReserved": "2007-09-14T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:08:33.970Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1007 (GCVE-0-2007-1007)
Vulnerability from cvelistv5 – Published: 2007-02-20 17:00 – Updated: 2024-08-07 12:43
VLAI?
Summary
Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2007-02-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:21.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25119",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25119"
},
{
"name": "24271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24271"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=229266"
},
{
"name": "24284",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24284"
},
{
"name": "24379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24379"
},
{
"name": "SUSE-SR:2007:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_9_sr.html"
},
{
"name": "DSA-1262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1262"
},
{
"name": "24185",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24185"
},
{
"name": "RHSA-2007:0086",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0086.html"
},
{
"name": "32083",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32083"
},
{
"name": "oval:org.mitre.oval:def:11776",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11776"
},
{
"name": "MDKSA-2007:045",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:045"
},
{
"name": "20070201-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
},
{
"name": "USN-426-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-426-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "25119",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25119"
},
{
"name": "24271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24271"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=229266"
},
{
"name": "24284",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24284"
},
{
"name": "24379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24379"
},
{
"name": "SUSE-SR:2007:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_9_sr.html"
},
{
"name": "DSA-1262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1262"
},
{
"name": "24185",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24185"
},
{
"name": "RHSA-2007:0086",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0086.html"
},
{
"name": "32083",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32083"
},
{
"name": "oval:org.mitre.oval:def:11776",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11776"
},
{
"name": "MDKSA-2007:045",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:045"
},
{
"name": "20070201-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
},
{
"name": "USN-426-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-426-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-1007",
"datePublished": "2007-02-20T17:00:00.000Z",
"dateReserved": "2007-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:43:21.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1006 (GCVE-0-2007-1006)
Vulnerability from cvelistv5 – Published: 2007-02-20 00:00 – Updated: 2024-08-07 12:43
VLAI?
Summary
Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2007-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2007:044",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:044"
},
{
"name": "25119",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25119"
},
{
"name": "FEDORA-2007-262",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/cms/node/2682"
},
{
"name": "[Ekiga-list] 20070213 Ekiga 2.0.5 available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail.gnome.org/archives/ekiga-list/2007-February/msg00060.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://labs.musecurity.com/advisories/MU-200702-01.txt"
},
{
"name": "31939",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/31939"
},
{
"name": "22613",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22613"
},
{
"name": "24271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24271"
},
{
"name": "24379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24379"
},
{
"name": "SUSE-SR:2007:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_9_sr.html"
},
{
"name": "GLSA-200703-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-25.xml"
},
{
"name": "24228",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24228"
},
{
"name": "DSA-1262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1262"
},
{
"name": "oval:org.mitre.oval:def:11642",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11642"
},
{
"name": "24680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24680"
},
{
"name": "FEDORA-2007-263",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/cms/node/2683"
},
{
"name": "RHSA-2007:0087",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0087.html"
},
{
"name": "24229",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24229"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ekiga.org/index.php?rub=10\u0026archive=1"
},
{
"name": "24194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24194"
},
{
"name": "1017673",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017673"
},
{
"name": "ADV-2007-0655",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0655"
},
{
"name": "USN-426-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-426-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "MDKSA-2007:044",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:044"
},
{
"name": "25119",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25119"
},
{
"name": "FEDORA-2007-262",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/cms/node/2682"
},
{
"name": "[Ekiga-list] 20070213 Ekiga 2.0.5 available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail.gnome.org/archives/ekiga-list/2007-February/msg00060.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://labs.musecurity.com/advisories/MU-200702-01.txt"
},
{
"name": "31939",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/31939"
},
{
"name": "22613",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22613"
},
{
"name": "24271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24271"
},
{
"name": "24379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24379"
},
{
"name": "SUSE-SR:2007:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_9_sr.html"
},
{
"name": "GLSA-200703-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-25.xml"
},
{
"name": "24228",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24228"
},
{
"name": "DSA-1262",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1262"
},
{
"name": "oval:org.mitre.oval:def:11642",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11642"
},
{
"name": "24680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24680"
},
{
"name": "FEDORA-2007-263",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/cms/node/2683"
},
{
"name": "RHSA-2007:0087",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0087.html"
},
{
"name": "24229",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24229"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ekiga.org/index.php?rub=10\u0026archive=1"
},
{
"name": "24194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24194"
},
{
"name": "1017673",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017673"
},
{
"name": "ADV-2007-0655",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0655"
},
{
"name": "USN-426-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-426-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-1006",
"datePublished": "2007-02-20T00:00:00.000Z",
"dateReserved": "2007-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:43:22.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}