Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2007-1006

Published: 20/02/2007 Updated: 11/10/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Ekiga

Vulnerability Summary

Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga prior to 2.0.5 allow malicious users to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet.

Vulnerable Product Search on Vulmon Subscribe to Product

ekiga ekiga

Vendor Advisories

Ubuntu Security Notice: ekiga, gnomemeeting vulnerabilities
Mu Security discovered a format string vulnerability in Ekiga If a user was running Ekiga and listening for incoming calls, a remote attacker could send a crafted call request, and execute arbitrary code with the user’s privileges ...
Debian CVElist Bug Report Logs: CVE-2007-1006: format string overflows
Debian Bug report logs - #411944 CVE-2007-1006: format string overflows Package: ekiga; Maintainer for ekiga is Kilian Krause <kilian@debianorg>; Source for ekiga is src:ekiga (PTS, buildd, popcon) Reported by: Kees Cook <kees@outfluxnet> Date: Thu, 22 Feb 2007 00:27:05 UTC Severity: grave Tags: confirmed, fixed-u ...
Debian CVElist Bug Report Logs: CVE-2007-0999: still vulnerable to format string exploits
Debian Bug report logs - #414069 CVE-2007-0999: still vulnerable to format string exploits Package: ekiga; Maintainer for ekiga is Kilian Krause <kilian@debianorg>; Source for ekiga is src:ekiga (PTS, buildd, popcon) Reported by: Kees Cook <kees@outfluxnet> Date: Fri, 9 Mar 2007 01:33:01 UTC Severity: grave Tags: ...

References

CWE-134http://secunia.com/advisories/24194http://mail.gnome.org/archives/ekiga-list/2007-February/msg00060.htmlhttp://labs.musecurity.com/advisories/MU-200702-01.txthttp://www.ekiga.org/index.php?rub=10&archive=1http://www.debian.org/security/2007/dsa-1262http://fedoranews.org/cms/node/2682http://fedoranews.org/cms/node/2683http://www.mandriva.com/security/advisories?name=MDKSA-2007:044http://www.redhat.com/support/errata/RHSA-2007-0087.htmlhttp://www.ubuntu.com/usn/usn-426-1http://www.securityfocus.com/bid/22613http://www.osvdb.org/31939http://www.securitytracker.com/id?1017673http://secunia.com/advisories/24228http://secunia.com/advisories/24229http://secunia.com/advisories/24271http://secunia.com/advisories/24379http://security.gentoo.org/glsa/glsa-200703-25.xmlhttp://secunia.com/advisories/24680http://www.novell.com/linux/security/advisories/2007_9_sr.htmlhttp://secunia.com/advisories/25119http://www.vupen.com/english/advisories/2007/0655https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11642https://usn.ubuntu.com/426-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook