Vulnerability Description
Buffer overflow in the Bluetooth Stack COM Server in the Widcomm Bluetooth stack, as packaged as Widcomm Stack 3.x and earlier on Windows, Widcomm BTStackServer 1.4.2.10 and 1.3.2.7 on Windows, Widcomm Bluetooth Communication Software 1.4.1.03 on Windows, and the Bluetooth implementation in Windows Mobile or Windows CE on the HP IPAQ 2215 and 5450, allows remote attackers to cause a denial of service (service crash) and possibly execute arbitrary code via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Broadcom | Widcomm Bluetooth | 1.4.1.03 |
| Microsoft | Windows Embedded Compact | All versions |
| Microsoft | Windows Mobile | All versions |
References
- http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisite
- http://osvdb.org/37587
- http://www.securityfocus.com/archive/1/455889/100/0/threaded
- http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisite
- http://osvdb.org/37587
- http://www.securityfocus.com/archive/1/455889/100/0/threaded
FAQ
What is CVE-2006-6908?
CVE-2006-6908 is a vulnerability with a CVSS score of 10.0 (HIGH). Buffer overflow in the Bluetooth Stack COM Server in the Widcomm Bluetooth stack, as packaged as Widcomm Stack 3.x and earlier on Windows, Widcomm BTStackServer 1.4.2.10 and 1.3.2.7 on Windows, Widcom...
How severe is CVE-2006-6908?
CVE-2006-6908 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6908?
Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Widcomm Bluetooth, Microsoft Windows Embedded Compact, Microsoft Windows Mobile.