CVE-2007-4897

Name	CVE-2007-4897
Description	pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting).
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DTSA-94-1
Debian Bugs	454133, 454139

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
pwlib	source	sarge	1.8.4-1+sarge1.1
pwlib	source	etch	1.10.2-2+etch1
pwlib	source	lenny	1.10.7~dfsg1-4+lenny1		DTSA-94-1
pwlib	source	(unstable)	1.10.10-1.1	low		454133
pwlib-titan	source	lenny	1.11.2-1+lenny1		DTSA-94-1
pwlib-titan	source	(unstable)	1.11.2-1.1	low		454139