CVE-2007-4897
CVE-2007-4897
pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting).
Productos afectados
n/a · n/aPoCs públicas encontradas — 1
exploitdbwww.exploit-db.com/exploits/9241no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://blog.s21sec.com/2007/09/sobre-la-vulnerabilidad-del-ekiga.htmlhttp://marc.info/?l=full-disclosure&m=118959114522339&w=2http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sipcon.cxx?r1=2.120.2.25&r2=2.120.2.26&pathrev=v2_2_9https://bugzilla.redhat.com/show_bug.cgi?id=292831http://secunia.com/advisories/27127http://secunia.com/advisories/27150http://secunia.com/advisories/27518http://secunia.com/advisories/28385http://securityreason.com/securityalert/3138https://exchange.xforce.ibmcloud.com/vulnerabilities/36568https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10928http://www.mandriva.com/security/advisories?name=MDKSA-2007:206