Samsung SecTelephonyProvider Information Disclosure Vulnerability (CNVD-2022-70741)

Samsung SecTelephonyProvider is a Telephony service for Samsung mobile devices that provides support for the Telephony Application Programming Interface TAPI.An information disclosure vulnerability exists in Samsung SecTelephonyProvider, which stems from a lack of protection for EventType in...

Samsung Telephony service information disclosure vulnerability (CNVD-2022-76487)

Samsung Telephony service is a Telephony service for Samsung mobile devices that provides support for the Telephony Application Programming Interface TAPI.An information disclosure vulnerability exists in Samsung Telephony service, which stems from the Telephony service performing messaging to...

Samsung TelephonyUI putDsaSimImsi information disclosure vulnerability

Samsung TelephonyUI putDsaSimImsi is a Telephony service for Samsung mobile devices that provides support for the Telephony Application Programming Interface TAPI.An information disclosure vulnerability exists in Samsung TelephonyUI putDsaSimImsi, which stems from putDsaSimImsi in TelephonyUI lac...

Samsung TelephonyUI Access Control Error Vulnerability (CNVD-2022-70745)

An access control error vulnerability exists in Samsung TelephonyUI, a Telephony service for Samsung mobile devices in South Korea that provides support for the Telephony Application Programming Interface TAPI. The vulnerability stems from a lack of proper permission checking in TelephonyUI, whic...

Samsung TelephonyUI getDsaSimImsi information disclosure vulnerability

Samsung TelephonyUI getDsaSimImsi is a Telephony service from Samsung Samsung Mobile that provides support for the Telephony Application Programming Interface TAPI.An information disclosure vulnerability exists in Samsung TelephonyUI getDsaSimImsi, which stems from getDsaSimImsi in TelephonyUI...

Microsoft Windows Fax Service Remote Code Execution Vulnerability (CNVD-2021-101714)

Fax Service is a Telephone Application Programming Interface TAPI-compliant system service that allows users to send and receive faxes from their desktop applications using a local fax device or a shared network fax device.A remote code execution vulnerability exists in Microsoft Windows Fax...

Microsoft Windows XP SP3 (x86) / 2003 SP2 (x86) - 'NDProxy' Local Privilege Escalation (MS14-002)

/ Exploit Title: Windows NDProxy Privilege Escalation MS14-002 Date: 2015-08-03 Exploit Author: Tomislav Paskalev Vulnerable Software: Windows XP SP3 x86 Windows XP SP2 x86-64 Windows 2003 SP2 x86 Windows 2003 SP2 x86-64 Windows 2003 SP2 IA-64 Supported vulnerable software: Windows XP SP3 x86...

MS KB982316: Elevation of Privilege Using Windows Service Isolation Bypass

Windows Service Isolation can be bypassed on the remote host, resulting in the elevation of privileges. A local attacker could exploit this by leveraging the TAPI service to execute code as SYSTEM. A similar problem affects other Windows services that run as the NetworkService user e.g. IIS, SQL...

CVE-2010-1886

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2, and Windows 7 allow local users to gain privileges by leveraging access to a process with NetworkService credentials, as demonstrated by TAPI Server, SQL Server, and IIS processes...

Cross site scripting

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2, and Windows 7 allow local users to gain privileges by leveraging access to a process with NetworkService credentials, as demonstrated by TAPI Server, SQL Server, and IIS processes...

CVE-2010-1886

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2, and Windows 7 allow local users to gain privileges by leveraging access to a process with NetworkService credentials, as demonstrated by TAPI Server, SQL Server, and IIS processes...

PT-2010-3509 · Microsoft · Iis +7

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 and SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista versions SP1 and SP2 Microsoft Windows Server 2008 versions SP2 and R2 Microsoft Windows 7 affected versions not specified Description...

Microsoft Windows License Logging Server Remote Heap Buffer Overflow Vulnerability

Description The Microsoft Windows License Logging Server is prone to a remote heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges...

Microsoft DirectX DirectShow QuickTime Video Remote Code Execution Vulnerability

Description Microsoft DirectX is prone to a remote code-execution vulnerability because the DirectShow component fails to properly handle QuickTime media files. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the user running the application...

MS Windows Telephony Service Command Execution Exploit (MS05-040)

No description provided by source. // by Cesar Cerrudo - Argeniss - www.argeniss.com // // TAPI Vulnerability- MS05-040 // // Should work on Win2k sp0,sp1,sp2,sp3,sp4 any language // If Telephony Service is not running you can start it by net start "Telephony Service" include "windows.h" include...

Microsoft Windows - Telephony Service Command Execution (MS05-040)

// by Cesar Cerrudo - Argeniss - www.argeniss.com // // TAPI Vulnerability- MS05-040 // // Should work on Win2k sp0,sp1,sp2,sp3,sp4 any language // If Telephony Service is not running you can start it by net start "Telephony Service" include "windows.h" include "stdio.h" include "tapi.h" typedef...

MS Windows Telephony Service Command Execution Exploit (MS05-040)

Exploit for unknown platform in category local exploits ================================================================= MS Windows Telephony Service Command Execution Exploit MS05-040 ================================================================= // by Cesar Cerrudo - Argeniss -...

Microsoft Windows - Telephony Service Command Execution (MS05-040)

Microsoft Windows - Telephony Service Command Execution MS05-040 // by Cesar Cerrudo - Argeniss - www.argeniss.com // // TAPI Vulnerability- MS05-040 // // Should work on Win2k sp0,sp1,sp2,sp3,sp4 any language // If Telephony Service is not running you can start it by net start "Telephony Service...

CVE-2005-0058

Buffer overflow in the Telephony Application Programming Interface TAPI for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message...

CVE-2005-0058

CVE-2005-0058 describes a buffer overflow in the Windows Telephony API (TAPI) that can allow either remote code execution or local privilege elevation, depending on OS/version and configuration. Affected platforms include Windows 98/98 SE/ME, Windows 2000, Windows XP, and Windows Server 2003. The...