Search criteria
4 vulnerabilities by widcomm
CVE-2006-6897 (GCVE-0-2006-6897)
Vulnerability from cvelistv5 – Published: 2007-01-08 20:00 – Updated: 2024-08-07 20:42
VLAI?
Summary
Directory traversal vulnerability in Widcomm Bluetooth for Windows (BTW) 3.0.1.905 allows remote attackers to conduct unauthorized file operations via a .. (dot dot) in an unspecified parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:42:07.691Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf"
},
{
"name": "20070104 23C3 - Bluetooth hacking revisted [Summary and Code]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/455889/100/0/threaded"
},
{
"name": "37590",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37590"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in Widcomm Bluetooth for Windows (BTW) 3.0.1.905 allows remote attackers to conduct unauthorized file operations via a .. (dot dot) in an unspecified parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf"
},
{
"name": "20070104 23C3 - Bluetooth hacking revisted [Summary and Code]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/455889/100/0/threaded"
},
{
"name": "37590",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37590"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6897",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in Widcomm Bluetooth for Windows (BTW) 3.0.1.905 allows remote attackers to conduct unauthorized file operations via a .. (dot dot) in an unspecified parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf",
"refsource": "MISC",
"url": "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf"
},
{
"name": "20070104 23C3 - Bluetooth hacking revisted [Summary and Code]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455889/100/0/threaded"
},
{
"name": "37590",
"refsource": "OSVDB",
"url": "http://osvdb.org/37590"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6897",
"datePublished": "2007-01-08T20:00:00",
"dateReserved": "2007-01-08T00:00:00",
"dateUpdated": "2024-08-07T20:42:07.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6378 (GCVE-0-2006-6378)
Vulnerability from cvelistv5 – Published: 2006-12-07 17:00 – Updated: 2024-08-07 20:26
VLAI?
Summary
BTSaveMySql 1.2 stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain configuration and save files via direct requests.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.031Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "btsavemysql-url-file-disclosure(30760)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30760"
},
{
"name": "2002",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2002"
},
{
"name": "20061206 BTSaveMySql 1.2 (acces to config files)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/453652/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "BTSaveMySql 1.2 stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain configuration and save files via direct requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "btsavemysql-url-file-disclosure(30760)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30760"
},
{
"name": "2002",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2002"
},
{
"name": "20061206 BTSaveMySql 1.2 (acces to config files)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/453652/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6378",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BTSaveMySql 1.2 stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain configuration and save files via direct requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "btsavemysql-url-file-disclosure(30760)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30760"
},
{
"name": "2002",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2002"
},
{
"name": "20061206 BTSaveMySql 1.2 (acces to config files)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453652/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6378",
"datePublished": "2006-12-07T17:00:00",
"dateReserved": "2006-12-07T00:00:00",
"dateUpdated": "2024-08-07T20:26:46.031Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4417 (GCVE-0-2005-4417)
Vulnerability from cvelistv5 – Published: 2005-12-20 11:00 – Updated: 2024-08-07 23:46
VLAI?
Summary
The default configuration of Widcomm Bluetooth for Windows (BTW) 4.0.1.1500 and earlier, as installed on Belkin Bluetooth Software 1.4.2 Build 10 and ANYCOM Blue USB-130-250 Software 4.0.1.1500, and possibly other devices, sets null Authentication and Authorization values, which allows remote attackers to send arbitrary audio and possibly eavesdrop using the microphone via the Hands Free Audio Gateway and Headset profile.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:46:05.170Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20051216 DMA[2005-1214a] - \u0027Widcomm BTW - Bluetooth for Windows Remote Audio Eavesdropping\u0027",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419642/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default configuration of Widcomm Bluetooth for Windows (BTW) 4.0.1.1500 and earlier, as installed on Belkin Bluetooth Software 1.4.2 Build 10 and ANYCOM Blue USB-130-250 Software 4.0.1.1500, and possibly other devices, sets null Authentication and Authorization values, which allows remote attackers to send arbitrary audio and possibly eavesdrop using the microphone via the Hands Free Audio Gateway and Headset profile."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20051216 DMA[2005-1214a] - \u0027Widcomm BTW - Bluetooth for Windows Remote Audio Eavesdropping\u0027",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/419642/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4417",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration of Widcomm Bluetooth for Windows (BTW) 4.0.1.1500 and earlier, as installed on Belkin Bluetooth Software 1.4.2 Build 10 and ANYCOM Blue USB-130-250 Software 4.0.1.1500, and possibly other devices, sets null Authentication and Authorization values, which allows remote attackers to send arbitrary audio and possibly eavesdrop using the microphone via the Hands Free Audio Gateway and Headset profile."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20051216 DMA[2005-1214a] - \u0027Widcomm BTW - Bluetooth for Windows Remote Audio Eavesdropping\u0027",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419642/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4417",
"datePublished": "2005-12-20T11:00:00",
"dateReserved": "2005-12-20T00:00:00",
"dateUpdated": "2024-08-07T23:46:05.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0775 (GCVE-0-2004-0775)
Vulnerability from cvelistv5 – Published: 2004-09-14 04:00 – Updated: 2024-08-08 00:31
VLAI?
Summary
Buffer overflow in WIDCOMM Bluetooth Connectivity Software, as used in products such as BTStackServer 1.3.2.7 and 1.4.2.10, Windows XP and Windows 98 with MSI Bluetooth Dongles, and HP IPAQ 5450 running WinCE 3.0, allows remote attackers to execute arbitrary code via certain service requests.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040811 ptl-2004-03: WIDCOMM Bluetooth Connectivity Software Buffer Overflows",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0029.html"
},
{
"name": "20051204 have you ever been BluePIMped?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/418633/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.internetnews.com/security/article.php/3394181"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.pentest.co.uk/documents/ptl-2004-03.html"
},
{
"name": "bluetooth-btw-service-bo(16953)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16953"
},
{
"name": "20040811 ptl-2004-03: WIDCOMM Bluetooth Connectivity Software Buffer Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109223783402624\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in WIDCOMM Bluetooth Connectivity Software, as used in products such as BTStackServer 1.3.2.7 and 1.4.2.10, Windows XP and Windows 98 with MSI Bluetooth Dongles, and HP IPAQ 5450 running WinCE 3.0, allows remote attackers to execute arbitrary code via certain service requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040811 ptl-2004-03: WIDCOMM Bluetooth Connectivity Software Buffer Overflows",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0029.html"
},
{
"name": "20051204 have you ever been BluePIMped?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/418633/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.internetnews.com/security/article.php/3394181"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.pentest.co.uk/documents/ptl-2004-03.html"
},
{
"name": "bluetooth-btw-service-bo(16953)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16953"
},
{
"name": "20040811 ptl-2004-03: WIDCOMM Bluetooth Connectivity Software Buffer Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109223783402624\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0775",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in WIDCOMM Bluetooth Connectivity Software, as used in products such as BTStackServer 1.3.2.7 and 1.4.2.10, Windows XP and Windows 98 with MSI Bluetooth Dongles, and HP IPAQ 5450 running WinCE 3.0, allows remote attackers to execute arbitrary code via certain service requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040811 ptl-2004-03: WIDCOMM Bluetooth Connectivity Software Buffer Overflows",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0029.html"
},
{
"name": "20051204 have you ever been BluePIMped?",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/418633/100/0/threaded"
},
{
"name": "http://www.internetnews.com/security/article.php/3394181",
"refsource": "MISC",
"url": "http://www.internetnews.com/security/article.php/3394181"
},
{
"name": "http://www.pentest.co.uk/documents/ptl-2004-03.html",
"refsource": "MISC",
"url": "http://www.pentest.co.uk/documents/ptl-2004-03.html"
},
{
"name": "bluetooth-btw-service-bo(16953)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16953"
},
{
"name": "20040811 ptl-2004-03: WIDCOMM Bluetooth Connectivity Software Buffer Overflows",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109223783402624\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0775",
"datePublished": "2004-09-14T04:00:00",
"dateReserved": "2004-08-10T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}