Ekiga

ekiga

7 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (7)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2011-1830 1Ekiga 1Ekiga Nov 21, 2024 Apr 22, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so.
CVE-2012-5621 1Ekiga 1Ekiga May 6, 2026 Sep 29, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings.
CVE-2013-1864 3Ekiga OpalvoipSuse 4Ekiga Portable Tool LibrarySuse Linux Enterprise Desktop+1 more May 6, 2026 May 23, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU...Show more The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a "billion laughs attack."Show less
CVE-2007-4924 2Ekiga Openh323 Project 2Ekiga Openh323 Apr 23, 2026 Oct 8, 2007 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Sess...Show more The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \0 byte to be written to an "attacker-controlled address."Show less
CVE-2007-4897 1Ekiga 1Ekiga Apr 23, 2026 Sep 14, 2007 N/A· v4 N/A· v3 5.0 MEDIUM· v2 pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management f...Show more pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting).Show less
CVE-2007-1007 2Ekiga Redhat 3Ekiga Enterprise LinuxEnterprise Linux Desktop Apr 23, 2026 Feb 20, 2007 N/A· v4 N/A· v3 10.0 HIGH· v2 Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled...Show more Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function.Show less
CVE-2007-1006 1Ekiga 1Ekiga Apr 23, 2026 Feb 20, 2007 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet.