7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.044 Low
EPSS
Percentile
91.4%
Added: 06/12/2007
CVE: CVE-2005-0058
BID: 14518
OSVDB: 18606
The Windows Telephony API (TAPI) provides telecommunications support for Windows applications.
A buffer overflow in the Windows Telephony API allows local attackers to execute commands with administrative privileges.
Apply the patch referenced in Microsoft Security Bulletin 05-040.
<http://www.microsoft.com/technet/security/bulletin/ms05-040.mspx>
The Telephony service must be running on the target in order for this exploit to succeed.
Windows 2000