CVE-2007-0999
https://notcve.org/view.php?id=CVE-2007-0999
Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2007-1006. Vulnerabilidad de cadena de formato en Ekiga 2.0.3, y probablemente otras versiones, permite a atacantes remotos ejecutar código de su elección a través de vectores no especificados, una vulnerabilidad distinta de CVE-2007-1006. • http://www.mandriva.com/security/advisories?name=MDKSA-2007:058 http://www.redhat.com/support/errata/RHSA-2007-0087.html http://www.ubuntu.com/usn/usn-434-1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10944 https://access.redhat.com/security/cve/CVE-2007-0999 https://bugzilla.redhat.com/show_bug.cgi?id=1618289 •
CVE-2007-1007
https://notcve.org/view.php?id=CVE-2007-1007
Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function. Vulnerabilidad de cadena de formato en GnomeMeeting 1.0.2 y anteriores permiten a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante cadenas de formato en el nombre, que no es tratado adecuadamente en una llamada a la función gnomemeeting_log_insert. • ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=229266 http://osvdb.org/32083 http://secunia.com/advisories/24185 http://secunia.com/advisories/24271 http://secunia.com/advisories/24284 http://secunia.com/advisories/24379 http://secunia.com/advisories/25119 http://www.debian.org/security/2007/dsa-1262 http://www.mandriva.com/security/advisories?name=MDKSA-2007:045 http://www.novell.com/linux •
CVE-2007-1006 – Ekiga format string flaw
https://notcve.org/view.php?id=CVE-2007-1006
Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet. Múltiples vulnerabilidades de cadena de formato en la función gm_main_window_flash_message en Ekiga versiones anteriores a 2.0.5, permiten a atacantes causar una denegación de servicio y posiblemente ejecutar código arbitrario por medio de un paquete SETUP Q.931 especialmente diseñado. • http://fedoranews.org/cms/node/2682 http://fedoranews.org/cms/node/2683 http://labs.musecurity.com/advisories/MU-200702-01.txt http://mail.gnome.org/archives/ekiga-list/2007-February/msg00060.html http://secunia.com/advisories/24194 http://secunia.com/advisories/24228 http://secunia.com/advisories/24229 http://secunia.com/advisories/24271 http://secunia.com/advisories/24379 http://secunia.com/advisories/24680 http://secunia.com/advisories/25119 http://security.gentoo.or • CWE-134: Use of Externally-Controlled Format String •