CVE-2003-1276

Name of the Vulnerable Software and Affected Versions NetTelephone version 3.5.6

Description The issue concerns the use of weak encryption for user PINs and the storage of user account numbers in plaintext. This could allow local users to gain unauthorized access to NetTelephone accounts. The sensitive information is stored in the HKEY CURRENT USERSoftwareMediaRing.comSDKNetTelephonesettings registry key.

Recommendations For version 3.5.6, consider restricting access to the registry key HKEY CURRENT USERSoftwareMediaRing.comSDKNetTelephonesettings to minimize the risk of exploitation. As a temporary workaround, users should be cautious with their account information and PINs until a more secure version is available. At the moment, there is no information about a newer version that contains a fix for this issue.