Computer Security
[EN] securityvulns.ru no-pyccku


gnomemeeting / ekiga format string vulnerability
Published:21.02.2007
Source:
SecurityVulns ID:7274
Type:remote
Threat Level:
6/10
Description:Format string vulnerability on certain messages logging.
Affected:GNOME : gnomemeeting 0.98
 GNOME : gnomemeeting 1.0
 EKIGA : Ekiga 2.0
CVE:CVE-2007-1007 (Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function.)
 CVE-2007-1006 (Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet.)
 CVE-2007-0999 (Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2007-1006.)
Original documentdocumentMANDRIVA, [ MDKSA-2007:045 ] - Updated gnomemeeting packages fix string vulnerabilities (21.02.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod