OVAL Repository - View Definition: oval:org.mitre.oval:def:1297

Open Vulnerability and Assessment Language (OVAL)

Offical Language Release

Repository Downloads

News — November 5, 2009

OVAL Repository > View Definition

View Definition

NEW SEARCH : BACK

Definition Id: oval:org.mitre.oval:def:1297		Date: 2005-08-11
Title:	Server 2003 TAPI Buffer Overflow
Description:	Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers elevate privileges or execute arbitrary code via a crafted message.
Version:	1	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2005-0058
Family:	windows
Platform(s):	Microsoft Windows Server 2003	Product(s):	Telephony Service
Definition Synopsis:
Software section Windows Server 2003 is installed AND a vulnerable version of tapisrv.dll exists for 32-bit or 64-bit (itanium architecture) Windows gold edition a vulnerable version of tapisrv.dll exists 32-bit version of Windows or 64-bit (itanium architecture) version of Windows is installed 32-Bit version of Windows is installed OR a version of Windows for the ia64 architecture is installed AND NOT Win2K/XP/2003 is patched AND the version of tapisrv.dll is less than 5.2.3790.366 OR for 32-bit or 64-bit (itanium architecture) Windows with SP1 a vulnerable version of tapisrv.dll exists 32-bit version of Windows or 64-bit (itanium architecture) version of Windows is installed 32-Bit version of Windows is installed OR a version of Windows for the ia64 architecture is installed AND Win2K/XP/2003 service pack 1 is installed AND the version of tapisrv.dll is less than 5.2.3790.2483 OR for 64-bit (x64 arch) Windows (gold edition) a vulnerable version of tapisrv.dll exists 64-Bit (x64 architecture) version of Windows is installed AND NOT Win2K/XP/2003 is patched AND the version of tapisrv.dll is less than 5.2.3790.2483 AND NOT the patch kb893756 is installed (Hotfix key) AND Configuration section the Telephony service is enabled

NEW SEARCH : BACK

OVAL Repository
About the Repository
OVAL Repository Forum
Latest Updates
Statistics
Search
Downloads
Submit Content
Other Items of Interest
OVAL Archive
Terms of Use


	OVAL is sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security. The OVAL Web site is hosted by The MITRE Corporation. Copyright 2002-2009, The MITRE Corporation. All rights reserved. OVAL and the OVAL logo are registered trademarks of The MITRE Corporation. Contact oval@mitre.org for more information.	Privacy policy Terms of use