ID CVE-2007-0999
Summary Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2007-1006. This vulnerability has been addressed through a product update using MandrivaUpdate.
References
Vulnerable Configurations
  • cpe:2.3:a:gnome:ekiga:*:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:ekiga:*:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 11-10-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
oval via4
accepted 2013-04-29T04:10:09.890-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2007-1006.
family unix
id oval:org.mitre.oval:def:10944
status accepted
submitted 2010-07-09T03:56:16-04:00
title Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2007-1006.
version 19
redhat via4
advisories
rhsa
id RHSA-2007:0087
rpms
  • ekiga-0:2.0.2-7.0.2
  • ekiga-debuginfo-0:2.0.2-7.0.2
refmap via4
mandriva MDKSA-2007:058
ubuntu USN-434-1
Last major update 11-10-2017 - 01:31
Published 10-03-2007 - 19:19
Last modified 11-10-2017 - 01:31
Back to Top