CVE-2005-4417

Published: 20/12/2005 Updated: 19/10/2018
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
VMScore: 645
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Vulnerability Summary

The default configuration of Widcomm Bluetooth for Windows (BTW) 4.0.1.1500 and previous versions, as installed on Belkin Bluetooth Software 1.4.2 Build 10 and ANYCOM Blue USB-130-250 Software 4.0.1.1500, and possibly other devices, sets null Authentication and Authorization values, which allows remote malicious users to send arbitrary audio and possibly eavesdrop using the microphone via the Hands Free Audio Gateway and Headset profile.

Vulnerable Product

belkin bluetooth software 1.4.2_build_10

widcomm bluetooth for windows 4.0.1.1500

anycom blue usb-130-250 software 4.0.1.1500

Exploits

--- ussp-push-04/obex_mainc 2005-06-01 18:32:59000000000 -0400 +++ ussp-push-04-kf/obex_mainc 2005-12-03 11:49:32000000000 -0500 @@ -1,4 +1,10 @@ /* + wwwdigitalmunitioncom + Moded by KF (kf_lists[at]digitalmunition[dot]com) to exploit the Widcomm Overflows from PenTest + wwwpentestcouk/documents/ptl-2004-03html + ...
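
Review bot: the header comment added at the top of obex_mainc (hunk -1,4 +1,10) misspells "Modded" as "Moded" and records only who changed the file and which advisory it relates to, not what was changed relative to the stock ussp-push-04 source. A one-line change summary in that comment would let a reader tell the two trees apart. The comment also names the Widcomm overflows from ptl-2004-03 as its subject, while the summary on this page describes a default-configuration weakness (null Authentication and Authorization values), so the comment should state which of the two issues the change relates to.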