Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ekiga Subscribe
Filtered by product Ekiga
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-1830 1 Ekiga 1 Ekiga 2019-10-09 6.8 MEDIUM 8.8 HIGH
Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so.
CVE-2007-4897 1 Ekiga 1 Ekiga 2018-10-15 5.0 MEDIUM N/A
pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting).
CVE-2007-4924 2 Ekiga, Openh323 Project 2 Ekiga, Openh323 2018-10-15 5.0 MEDIUM N/A
The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \0 byte to be written to an "attacker-controlled address."
CVE-2007-1006 1 Ekiga 1 Ekiga 2017-10-10 10.0 HIGH N/A
Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet.
CVE-2007-1007 2 Ekiga, Redhat 3 Ekiga, Enterprise Linux, Enterprise Linux Desktop 2017-10-10 10.0 HIGH N/A
Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function.
CVE-2013-1864 3 Ekiga, Opalvoip, Suse 4 Ekiga, Portable Tool Library, Suse Linux Enterprise Desktop and 1 more 2017-08-28 4.3 MEDIUM N/A
The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a "billion laughs attack."
CVE-2012-5621 1 Ekiga 1 Ekiga 2017-08-28 5.0 MEDIUM N/A
lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings.