| Vulnerability Name: | CVE-2006-6908 (CCN-31452) | ||||||||
| Assigned: | 2006-12-31 | ||||||||
| Published: | 2006-12-31 | ||||||||
| Updated: | 2018-10-16 | ||||||||
| Summary: | Buffer overflow in the Bluetooth Stack COM Server in the Widcomm Bluetooth stack, as packaged as Widcomm Stack 3.x and earlier on Windows, Widcomm BTStackServer 1.4.2.10 and 1.3.2.7 on Windows, Widcomm Bluetooth Communication Software 1.4.1.03 on Windows, and the Bluetooth implementation in Windows Mobile or Windows CE on the HP IPAQ 2215 and 5450, allows remote attackers to cause a denial of service (service crash) and possibly execute arbitrary code via unspecified vectors. | ||||||||
| CVSS v3 Severity: | 9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C) 8.1 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:U/RC:UR)
6.1 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:U/RC:UR)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Thu Jan 04 2007 - 06:44:26 CST 23C3 - Bluetooth hacking revisted [Summary and Code] Source: MITRE Type: CNA CVE-2006-6908 Source: MISC Type: UNKNOWN http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf Source: OSVDB Type: UNKNOWN 37587 Source: CCN Type: OSVDB ID: 37587 WIDCOMM Bluetooth Stack COM Server Unspecified Remote DoS Source: BUGTRAQ Type: UNKNOWN 20070104 23C3 - Bluetooth hacking revisted [Summary and Code] Source: XF Type: UNKNOWN bluetooth-multiple-vendor-com-bo(31452) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||