
CVE-2016-9799
https://notcve.org/view.php?id=CVE-2016-9799
03 Dec 2016 — In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" function in "btsnoop.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash. • http://www.securityfocus.com/bid/94652 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2016-9801
https://notcve.org/view.php?id=CVE-2016-9801
03 Dec 2016 — In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" source file when processing corrupted dump file. • http://www.securityfocus.com/bid/94652 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2016-9804
https://notcve.org/view.php?id=CVE-2016-9804
03 Dec 2016 — In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. The issue exists because "commands" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "frm->ptr" parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash. • http://www.securityfocus.com/bid/94652 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2016-9797
https://notcve.org/view.php?id=CVE-2016-9797
03 Dec 2016 — In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00069.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-125: Out-of-bounds Read

CVE-2016-9798
https://notcve.org/view.php?id=CVE-2016-9798
03 Dec 2016 — In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00069.html • CWE-416: Use After Free

CVE-2006-6899 – BlueZ 1.x/2.x - HIDD Bluetooth HID Command Injection
https://notcve.org/view.php?id=CVE-2006-6899
31 Dec 2006 — hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse and (2) Keyboard Human Interface Device (HID) via a certain configuration of two HID (PSM) endpoints, operating as a server, aka HidAttack. • https://www.exploit-db.com/exploits/29471 • CWE-16: Configuration

CVE-2005-2547 – Debian Linux Security Advisory 782-1
https://notcve.org/view.php?id=CVE-2005-2547
12 Aug 2005 — security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper. Due to missing input sanitization in the bluez-utils package, it is possible for an attacker to execute arbitrary commands supplied as the device name from the remote device. • http://cvs.sourceforge.net/viewcvs.py/bluez/utils/hcid/security.c?r1=1.31&r2=1.34