OVAL Repository - View Definition: oval:org.mitre.oval:def:1075

Open Vulnerability and Assessment Language (OVAL)

Offical Language Release

Repository Downloads

News — November 5, 2009

OVAL Repository > View Definition

View Definition

NEW SEARCH : BACK

Definition Id: oval:org.mitre.oval:def:1075		Date: 2009-05-07
Title:	Windows XP TAPI Buffer Overflow
Description:	Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers elevate privileges or execute arbitrary code via a crafted message.
Version:	2	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2005-0058
Family:	windows
Platform(s):	Microsoft Windows XP	Product(s):	Telephony Service
Definition Synopsis:
Software section Windows XP is installed AND a vulnerable version of tapisrv.dll exists 32-bit version of windows with SP1 or earlier is installed and vulnerable version of tapisrv.dll exists 32-Bit version of Windows is installed AND NOT Win2K/XP/2003 service pack 2 (or later) is installed AND the version of tapisrv.dll is less than 5.1.2600.1715 OR 32-bit version of windows with SP2 is installed and vulnerable version of tapisrv.dll exists 32-Bit version of Windows is installed AND Win2K/XP/2003/Vista/2008 Service Pack 2 is installed AND the version of tapisrv.dll is less than 5.1.2600.2716 OR for 64-bit (x64 arch) Windows (gold edition) a vulnerable version of tapisrv.dll exists 64-Bit (x64 architecture) version of Windows is installed AND NOT Win2K/XP/2003 is patched AND the version of tapisrv.dll is less than 5.2.3790.2483 AND NOT the patch kb893756 is installed (Hotfix key) AND Configuration section the Telephony service is enabled

NEW SEARCH : BACK

OVAL Repository
About the Repository
OVAL Repository Forum
Latest Updates
Statistics
Search
Downloads
Submit Content
Other Items of Interest
OVAL Archive
Terms of Use


	OVAL is sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security. The OVAL Web site is hosted by The MITRE Corporation. Copyright 2002-2009, The MITRE Corporation. All rights reserved. OVAL and the OVAL logo are registered trademarks of The MITRE Corporation. Contact oval@mitre.org for more information.	Privacy policy Terms of use