CVE-2005-0058

Microsoft Windows TAPI - Buffer Overflow via Crafted Message

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0058. PoCs published by Cesar Cerrudo.

AI-analyzed exploit summary This exploit targets CVE-2005-0058, a vulnerability in the Microsoft Telephony API (TAPI) service. It leverages an LPC port connection to inject and execute arbitrary shellcode, achieving remote code execution (RCE) on vulnerable Windows 2000 systems.

Description

Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Cesar Cerrudo · c++localwindows

https://www.exploit-db.com/exploits/1584

View Code ZIP pw:eip

This exploit targets CVE-2005-0058, a vulnerability in the Microsoft Telephony API (TAPI) service. It leverages an LPC port connection to inject and execute arbitrary shellcode, achieving remote code execution (RCE) on vulnerable Windows 2000 systems.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Windows 2000 (all service packs)

No auth needed

Prerequisites: Telephony Service must be running · Target must be Windows 2000

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (11)

Core 11

Core References

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1297

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100088

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/14518

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1075

Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-040

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1014639

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100086

Patch, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/16354/

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100084

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1213

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100085

Scores

EPSS 0.2682

EPSS Percentile 96.5%

Details

Status published

Products (6)

microsoft/windows_2000

microsoft/windows_2003_server r2

microsoft/windows_98

microsoft/windows_98se

microsoft/windows_me

microsoft/windows_xp

Published Aug 10, 2005

Tracked Since Feb 18, 2026