Mandriva Linux Security Advisory - A format string flaw was discovered in how ekiga processes certain messages, which could permit a remote attacker that can connect to ekiga to potentially execute arbitrary code with the privileges of the user running ekiga. This is similar to the previous CVE-2007-1006, but the original evaluation/patches were incomplete.
74059760ca396ac9aaacb0f5ccd2643fd0c6b428319aa2208dfe6b636aa57456
Ubuntu Security Notice 434-1 - It was discovered that Ekiga had format string vulnerabilities beyond those fixed in USN-426-1. If a user was running Ekiga and listening for incoming calls, a remote attacker could send a crafted call request, and execute arbitrary code with the user's privileges.
4bb663bcca02745bd937d2b0350fc4948fe9be30a4b471dbc9b3fe104805a094