Paketname
ekiga
Datum
2007-03-08
Advisory ID
MDKSA-2007:058
Betroffene Versionen
2007.0 x86_64 , 2007.0 i586

Problembeschreibung

A format string flaw was discovered in how ekiga processes certain
messages, which could permit a remote attacker that can connect to
ekiga to potentially execute arbitrary code with the privileges of
the user running ekiga. This is similar to the previous
CVE-2007-1006, but the original evaluation/patches were incomplete.

Updated package have been patched to correct this issue.

Aktualisierte Pakete

2007.0 x86_64

 d1044e6da6359f45c05b5b9633eb9b3e  2007.0/x86_64/ekiga-2.0.3-1.2mdv2007.0.x86_64.rpm 
 6553d806ec25e8e7b3bf954d0522f126  2007.0/SRPMS/ekiga-2.0.3-1.2mdv2007.0.src.rpm

2007.0 i586

 f1864ecddf6bd6f89ca97ae2f62e102a  2007.0/i586/ekiga-2.0.3-1.2mdv2007.0.i586.rpm 
 6553d806ec25e8e7b3bf954d0522f126  2007.0/SRPMS/ekiga-2.0.3-1.2mdv2007.0.src.rpm

Referenzen