Bug 229259 (CVE-2007-1006) - CVE-2007-1006 Ekiga format string flaw
Summary: CVE-2007-1006 Ekiga format string flaw
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2007-1006
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
urgent
Target Milestone: ---
Assignee: Daniel Veillard
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-02-19 20:01 UTC by Josh Bressers
Modified: 2019-09-29 12:19 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-06-03 23:43:58 UTC
Embargoed:


Attachments (Terms of Use)
Upstream patch extracted from SVN (3.32 KB, patch)
2007-02-19 20:01 UTC, Josh Bressers
no flags Details | Diff

Description Josh Bressers 2007-02-19 20:01:46 UTC
A format string flaw was found in the way Ekiga processes certain messages form
remote clients.  This flaw could allow a remote attacker to execute arbitrary
code as the user running Ekiga.

This flaw also affects FC5

Comment 1 Josh Bressers 2007-02-19 20:01:46 UTC
Created attachment 148361 [details]
Upstream patch extracted from SVN

Comment 2 Fedora Update System 2007-02-21 04:18:31 UTC
ekiga-2.0.1-4 has been pushed for fc5, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.

Comment 3 Fedora Update System 2007-02-21 04:19:00 UTC
ekiga-2.0.5-2.fc6 has been pushed for fc6, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.