8.3

CVE-2008-1453

The Bluetooth stack in Microsoft Windows XP SP2 and SP3, and Vista Gold and SP1, allows physically proximate attackers to execute arbitrary code via a large series of Service Discovery Protocol (SDP) packets.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftWindows-nt Versionxp Updatesp3
MicrosoftWindows Vista Editionx64
MicrosoftWindows Xp Editionx64
MicrosoftWindows Xp Updatesp2
MicrosoftWindows Xp Updatesp2 Editionx64
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.39% 0.818
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.3 6.5 10
AV:A/AC:L/Au:N/C:C/I:C/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.us-cert.gov/cas/techalerts/TA08-162B.html
Third Party Advisory
US Government Resource
http://secunia.com/advisories/30051
Patch
Vendor Advisory
http://securitytracker.com/id?1020221
Patch
http://www.securityfocus.com/bid/29522
Patch
http://www.vupen.com/english/advisories/2008/1777
Broken Link
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-030
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4730