Ekiga is a tool to communicate with video and audio over the Internet.
Format string flaws were found in the way Ekiga processes certain messages.
If a user is running Ekiga, a remote attacker who can connect to Ekiga
could trigger this flaw and potentially execute arbitrary code with the
privileges of the user. (CVE-2007-0999, CVE-2007-1006)
Users of Ekiga should upgrade to these updated packages which contain a
backported patch to correct this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | src | ekiga | < 2.0.2-7.0.2 | ekiga-2.0.2-7.0.2.src.rpm |
RedHat | any | i386 | ekiga | < 2.0.2-7.0.2 | ekiga-2.0.2-7.0.2.i386.rpm |
RedHat | any | x86_64 | ekiga | < 2.0.2-7.0.2 | ekiga-2.0.2-7.0.2.x86_64.rpm |