PT-2007-1037 · Gnome+1 · Gnomemeeting+1

Published: 2007-02-20 · Updated: 2017-10-11 · CVE-2007-1007

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: GnomeMeeting versions 1.0.2 and earlier; GnomeMeeting version 0.96.0
Description: A format string vulnerability in GnomeMeeting can be exploited remotely. Format strings in the name are not properly handled in a call to the `gnomemeeting_log_insert` function, which may lead to a denial of service (crash) and possibly allow the execution of arbitrary code. Exploitation can compromise the confidentiality, integrity, and availability of protected information.
Recommendations: For GnomeMeeting versions 1.0.2 and earlier, consider disabling the `gnomemeeting_log_insert` function until a patch is available. For GnomeMeeting version 0.96.0, restrict access to the vulnerable module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
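
The bug class named in the description, as an added C example that is not GnomeMeeting's code: `log_insert`, `log_name_unsafe`, `log_name_safe` and `rendered_verbatim` are hypothetical stand-ins, and the sample name is constructed. It puts a remote-supplied name used as the format string beside the hardened call that passes the name as data.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style log routine (stand-in, not the project's code). */
static char last_entry[256];

static int log_insert(const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(last_entry, sizeof last_entry, fmt, ap);
    va_end(ap);
    return n;
}

/* Vulnerable pattern: the peer-controlled name IS the format string, so any
 * '%' directive in it is interpreted by the formatter. */
static const char *log_name_unsafe(const char *remote_name)
{
    log_insert(remote_name);
    return last_entry;
}

/* Hardened pattern: constant format string, name passed only as data. */
static const char *log_name_safe(const char *remote_name)
{
    log_insert("%s", remote_name);
    return last_entry;
}

/* True when the log entry reproduces the name byte for byte. */
static int rendered_verbatim(const char *name, const char *entry)
{
    return strcmp(name, entry) == 0;
}

int main(void)
{
    /* Constructed sample. "%%" is used because it consumes no arguments, so
     * the unsafe call stays well-defined here; directives that do consume
     * arguments would make the formatter use arguments that were never passed. */
    const char *name = "caller 100%% legit";

    printf("unsafe verbatim: %d\n", rendered_verbatim(name, log_name_unsafe(name)));
    printf("safe verbatim:   %d\n", rendered_verbatim(name, log_name_safe(name)));
    return 0;
}
```

A cheap audit check for this bug class is to search for log or printf-style calls whose first argument is a variable rather than a string literal; compilers that know the function is printf-like can flag the same thing with `-Wformat-security`.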

Related Identifiers

BDU:2015-03316
BDU:2015-07233
BDU:2015-07234
CVE-2007-1007
DSA-1262-1
RHSA-2007:0086
RHSA-2007_0086

Affected Products

Gnomemeeting
Red Hat