CVE-2007-4924

Impact: Moderate
Public Date: 2007-09-17
CWE: CWE-20
Bugzilla: 296371: CVE-2007-4924 ekiga remote crash caused by insufficient input validation

The MITRE CVE dictionary describes this issue as:

The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \0 byte to be written to an "attacker-controlled address."

Find out more about CVE-2007-4924 from the MITRE CVE dictionary and NIST NVD.

Red Hat Security Errata

Platform | Errata | Release Date
Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server) (opal) | RHSA-2007:0957 | 2007-10-08
Red Hat Enterprise Linux 5 (opal) | RHSA-2007:0957 | 2007-10-08

Last Modified

CVE description copyright © 2017, The MITRE Corporation
