6.3 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.028 Low
EPSS
Percentile
90.6%
lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings.
CPE | Name | Operator | Version |
---|---|---|---|
ekiga:ekiga | ekiga | le | 3.9.90 |
ftp.gnome.org/pub/gnome/sources/ekiga/4.0/ekiga-4.0.0.news
seclists.org/oss-sec/2012/q4/407
www.securityfocus.com/bid/56790
blogs.oracle.com/sunsecurity/entry/cve_2012_5621_denial_of
bugzilla.redhat.com/show_bug.cgi?id=883058
exchange.xforce.ibmcloud.com/vulnerabilities/80640
git.gnome.org/browse/ekiga/commit/?id=7d09807257
lists.fedoraproject.org/pipermail/package-announce/2013-March/099554.html