5
CVE-2006-0212
- EPSS 2.49%
- Veröffentlicht 14.01.2006 01:03:00
- Zuletzt bearbeitet 16.06.2026 22:20:06
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginDirectory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\ sequences in the RFILE argument of ussp-push.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Toshiba ≫ Bluetooth Stack Version <= 4.00.23t
Toshiba ≫ Bluetooth Stack Version3.00.11
Toshiba ≫ Bluetooth Stack Version3.00.12
Toshiba ≫ Bluetooth Stack Version3.00.31a
Toshiba ≫ Bluetooth Stack Version3.00.32
Toshiba ≫ Bluetooth Stack Version3.01.03
Toshiba ≫ Bluetooth Stack Version3.10.00
Toshiba ≫ Bluetooth Stack Version3.20.00
Toshiba ≫ Bluetooth Stack Version3.20.01
Toshiba ≫ Bluetooth Stack Version3.20.02
Toshiba ≫ Bluetooth Stack Version3.20.04
Toshiba ≫ Bluetooth Stack Version4.00.01t
Toshiba ≫ Bluetooth Stack Version4.00.11
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.49% | 0.826 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2
http://marc.info/?l=full-disclosure&m=113712413907526&w=2
http://secunia.com/advisories/18437
http://securitytracker.com/id?1015486
http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt
http://www.osvdb.org/22380
http://www.securityfocus.com/archive/1/421993/100/0/threaded
http://www.securityfocus.com/bid/16236
http://www.vupen.com/english/advisories/2006/0184