Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-1864HistoryMay 23, 2014 - 2:55 p.m.
CVE-2013-1864
2014-05-2314:55:00
Debian Security Bug Tracker
security-tracker.debian.org
14
EPSS
0.023
Percentile
89.8%
The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a “billion laughs attack.”
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | ekiga | < 4.0.1-6 | ekiga_4.0.1-6_all.deb |
Related
nessus
nessus
Ekiga < 4.0.1 ptlib XML Expansion Recursion DoS
2013-04-19 00:00:00
RHEL 6 : pwlib (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 5 : pwlib (Unpatched Vulnerability)
2024-06-03 00:00:00
cve
cve
CVE-2013-1864
2014-05-23 14:55:09
prion
prion
Design/Logic Flaw
2014-05-23 14:55:00
ubuntucve
ubuntucve
CVE-2013-1864
2014-05-23 00:00:00
cvelist
cvelist
CVE-2013-1864
2014-05-23 14:00:00
nvd
nvd
CVE-2013-1864
2014-05-23 14:55:09