CVE-2013-1864
published 2014-05-23CVE-2013-1864: The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows…
medium4.3CVSS 3.1
AVNACMAuNCNINAP
The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a "billion laughs attack."
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ekiga | ekiga | <= 4.0.0 | — |
| opalvoip | portable_tool_library | — | — |
| opalvoip | portable_tool_library | — | — |
| opalvoip | portable_tool_library | — | — |
| opalvoip | portable_tool_library | — | — |
| suse | suse_linux_enterprise_desktop | — | — |
| suse | suse_linux_enterprise_software_development_kit | — | — |