CVE-2007-4924
OpenH323 Opal SIP Protocol - Remote Denial of Service
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \0 byte to be written to an "attacker-controlled address."
Open Phone Abstraction Library (opal), como la usada en (1) Ekiga anterior a 2.0.10 y (2) OpenH323 anterior a 2.2.4, permite a atacantes remotos provocar una denegación de servicio (caída) mediante una cabecera Content-Length inválida en paquetes SIP del Protocolo de Inicio de Sesión (SIP, Session Initiation Protocol), lo cual provoca que el byte \0 sea escrito en una "dirección controlada por el atacante".
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-09-17 CVE Reserved
- 2007-10-08 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- 2024-08-11 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
CAPEC
References (23)
| URL | Tag | Source |
|---|---|---|
| http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sippdu.cxx?r1=2.83.2.19&r2=2.83.2.20 | X_refsource_confirm | |
| http://osvdb.org/41637 | Vdb Entry | |
| http://secunia.com/advisories/27271 | Third Party Advisory | |
| http://secunia.com/advisories/27524 | Third Party Advisory | |
| http://secunia.com/advisories/28380 | Third Party Advisory | |
| http://www.s21sec.com/avisos/s21sec-037-en.txt | X_refsource_misc | |
| http://www.securityfocus.com/archive/1/482120/30/4500/threaded | Mailing List | |
| http://www.securityfocus.com/bid/25955 | Vdb Entry | |
| http://www.securitytracker.com/id?1018776 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/3413 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/3414 | Vdb Entry | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11398 | Signature |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/9240 | 2024-08-07 |
| URL | Date | SRC |
|---|---|---|
| http://mail.gnome.org/archives/ekiga-list/2007-September/msg00103.html | 2018-10-15 | |
| http://secunia.com/advisories/27118 | 2018-10-15 | |
| http://secunia.com/advisories/27128 | 2018-10-15 | |
| http://secunia.com/advisories/27129 | 2018-10-15 | |
| http://www.redhat.com/support/errata/RHSA-2007-0957.html | 2018-10-15 |
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html | 2018-10-15 | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2007:205 | 2018-10-15 | |
| http://www.ubuntu.com/usn/usn-562-1 | 2018-10-15 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=296371 | 2007-10-08 | |
| https://access.redhat.com/security/cve/CVE-2007-4924 | 2007-10-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ekiga Search vendor "Ekiga" | Ekiga Search vendor "Ekiga" for product "Ekiga" | <= 2.0.9 Search vendor "Ekiga" for product "Ekiga" and version " <= 2.0.9" | - |
Affected
| ||||||
| Openh323 Project Search vendor "Openh323 Project" | Openh323 Search vendor "Openh323 Project" for product "Openh323" | <= 2.2.3 Search vendor "Openh323 Project" for product "Openh323" and version " <= 2.2.3" | - |
Affected
| ||||||