CVE-2007-1007

Severity

99%

Complexity

99%

Confidentiality

165%

The product "GnomeMeeting" is now called "Ekiga".

Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function.

Failed exploit attempts will like result in a system level denial-of-service condition.

The product "GnomeMeeting" is now called "Ekiga".

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

Type

Red Hat Desktop

First reported 18 years ago

2007-02-20 17:28:00

Last updated 7 years ago

2017-10-11 01:31:00

Affected Software

Red Hat Desktop 3.0

3.0

Red Hat Desktop 4.0

4.0

References

20070201-01-P

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=229266

32083

24185

Patch, Vendor Advisory

24271

24284

24379

25119

DSA-1262

MDKSA-2007:045

SUSE-SR:2007:009

RHSA-2007:0086

Patch, Vendor Advisory

USN-426-1

oval:org.mitre.oval:def:11776

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.