Vulnerability Name: | CVE-2005-0058 (CCN-21599) | ||||||||||||||||
Assigned: | 2005-08-09 | ||||||||||||||||
Published: | 2005-08-09 | ||||||||||||||||
Updated: | 2018-10-12 | ||||||||||||||||
Summary: | Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message. | ||||||||||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||||||
Vulnerability Type: | CWE-Other | ||||||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2005-0058 Source: CCN Type: SA16354 Microsoft Windows Telephony Service Vulnerability Source: SECUNIA Type: Patch, Vendor Advisory 16354 Source: CCN Type: SECTRACK ID: 1014639 Microsoft Windows Telephony Service Remote Code Execution or Local Privilege Escalation Source: SECTRACK Type: UNKNOWN 1014639 Source: CCN Type: CIAC Information Bulletin P-268 Vulnerability in Telephony Service Source: CCN Type: Microsoft Security Bulletin MS05-040 Vulnerability in Telephony Service Could Allow Remote Code Execution (893756) Source: BID Type: UNKNOWN 14518 Source: CCN Type: BID-14518 Microsoft Windows Telephony Service Buffer Overflow Vulnerability Source: MS Type: UNKNOWN MS05-040 Source: XF Type: UNKNOWN win-telephony-bo(21599) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:100084 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:100085 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:100086 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:100088 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1075 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1213 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1297 | ||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||
Oval Definitions | |||||||||||||||||
| |||||||||||||||||
BACK |