CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9800
https://notcve.org/view.php?id=CVE-2016-9800
03 Dec 2016 — In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci.c" source file. The issue exists because "pin" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "pin_code_reply_cp *cp" parameter. En BlueZ 5.42, se ha observado un desbordamiento de búfer en la función "pin_code_reply_dump" en la fuente de archivo "tools/parser/hci.c". El problema existe debido a que el "pin" se desborda por el parámetro subministrado... • http://www.securityfocus.com/bid/94652 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9802
https://notcve.org/view.php?id=CVE-2016-9802
03 Dec 2016 — In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash. En BlueZ 5.42, se ha identificado una sobrelectura de búfer en la función "l2cap_packet" en la fuente de archivo "monitor/packet.c". Este problema puede ser desencadenado procesando un archivo de volcado corrupto y resulta en una caída de btmon. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00069.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9804
https://notcve.org/view.php?id=CVE-2016-9804
03 Dec 2016 — In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. The issue exists because "commands" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "frm->ptr" parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash. En BlueZ 5.42, se ha observado un desbordamiento de búfer en la función "commands_dump" en la fuente de archivo "tools/parser/csr.c". El pr... • http://www.securityfocus.com/bid/94652 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9797
https://notcve.org/view.php?id=CVE-2016-9797
03 Dec 2016 — In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash. En BlueZ 5.42, se ha observado una sobrelectura de búfer en la función "l2cap_dump" en la fuente de archivo "tools/parser/l2cap.c". Este problema puede ser desencadenado procesando un archivo de volcado corrupto y resulta en una caída de hcidump. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00069.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9798
https://notcve.org/view.php?id=CVE-2016-9798
03 Dec 2016 — In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash. En BlueZ 5.42, se ha identificado una liberación de memoria después de uso en la función "conf_opt" en la fuente de programa "tools/parser/l2cap.c". Este problema puede ser desencadenado procesando un archivo de volcado corrupto que resulta en una caída de hcidump. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00069.html • CWE-416: Use After Free •
CVSS: 9.1EPSS: 37%CPEs: 1EXPL: 1CVE-2006-6899 – BlueZ 1.x/2.x - HIDD Bluetooh HID Command Injection
https://notcve.org/view.php?id=CVE-2006-6899
31 Dec 2006 — hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse and (2) Keyboard Human Interface Device (HID) via a certain configuration of two HID (PSM) endpoints, operating as a server, aka HidAttack. hidd en BlueZ (bluez-utils) anterior a 2.25 permite a atacantes remotos obtener el control de los Dispositivos de Interfaz Humana (HID) del (1) Ratón y (2) Teclado mediante una determinada configuración de dos extremos HID (PSM) (HID endpoints), operando como servidor, tam... • https://www.exploit-db.com/exploits/29471 • CWE-16: Configuration •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2005-2547
https://notcve.org/view.php?id=CVE-2005-2547
12 Aug 2005 — security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper. • http://cvs.sourceforge.net/viewcvs.py/bluez/utils/hcid/security.c?r1=1.31&r2=1.34 •