CVSS: 8.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

22 Apr 2019 — Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so. • https://gitlab.gnome.org/GNOME/ekiga/commit/02654fc949722a78d41fcffac8687d73d8574647 • CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 7.5 • EPSS: 1% • CPEs: 1 • EXPL: 0

29 Sep 2014 — lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings. • http://ftp.gnome.org/pub/gnome/sources/ekiga/4.0/ekiga-4.0.0.news • CWE-20: Improper Input Validation

CVSS: 7.5 • EPSS: 3% • CPEs: 7 • EXPL: 1

23 May 2014 — The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a "billion laughs attack." • http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 7.5 • EPSS: 22% • CPEs: 2 • EXPL: 1

08 Oct 2007 — The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \0 byte to be written to an "attacker-controlled address." • https://www.exploit-db.com/exploits/9240 • CWE-20: Improper Input Validation

CVSS: 7.5 • EPSS: 19% • CPEs: 1 • EXPL: 1

14 Sep 2007 — pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting). • https://www.exploit-db.com/exploits/9241 • CWE-399: Resource Management Errors

CVSS: 10.0 • EPSS: 13% • CPEs: 9 • EXPL: 0

20 Feb 2007 — Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function. • ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc

CVSS: 10.0 • EPSS: 3% • CPEs: 1 • EXPL: 0

20 Feb 2007 — Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet. • http://fedoranews.org/cms/node/2682 • CWE-134: Use of Externally-Controlled Format String