CVE-2007-4897
CVE-2007-4897
pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting).
Produtos afetados
n/a · n/aPoCs públicas encontradas — 1
exploitdbwww.exploit-db.com/exploits/9241não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://blog.s21sec.com/2007/09/sobre-la-vulnerabilidad-del-ekiga.htmlhttp://marc.info/?l=full-disclosure&m=118959114522339&w=2http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sipcon.cxx?r1=2.120.2.25&r2=2.120.2.26&pathrev=v2_2_9https://bugzilla.redhat.com/show_bug.cgi?id=292831http://secunia.com/advisories/27127http://secunia.com/advisories/27150http://secunia.com/advisories/27518http://secunia.com/advisories/28385http://securityreason.com/securityalert/3138https://exchange.xforce.ibmcloud.com/vulnerabilities/36568https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10928http://www.mandriva.com/security/advisories?name=MDKSA-2007:206