CVE-2003-1276

2022-10-0316:15:43

mitre

www.cve.org

nettelephone

weak encryption

user pins

plaintext

registry key

unauthorized access

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Netfone.exe of NetTelephone 3.5.6 uses weak encryption for user PIN’s and stores user account numbers in plaintext in the HKEY_CURRENT_USER\Software\MediaRing.com\SDK\NetTelephone\settings registry key, which could allow local users to gain unauthorized access to NetTelephone accounts.