PT-2007-6038 · Ekiga+2 · Ekiga+2
Publicado
2007-10-08
·
Atualizado
2018-10-15
·
CVE-2007-4924
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions:
Ekiga versions prior to 2.0.10
OpenH323 versions prior to 2.2.4
Description:
The issue allows remote attackers to cause a denial of service, resulting in a crash, by sending an invalid Content-Length header field in Session Initiation Protocol (SIP) packets. This causes a 0 byte to be written to an attacker-controlled address.
Recommendations:
For Ekiga versions prior to 2.0.10, update to version 2.0.10 or later to resolve the issue.
For OpenH323 versions prior to 2.2.4, update to version 2.2.4 or later to resolve the issue.
Exploit
Correção
DoS
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ekiga
Openh323
Red Hat