CVE-2008-4295
Microsoft Windows Mobile 6.0 - Device Long Name Remote Reboot (Denial of Service)
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Microsoft Windows Mobile 6.0 on HTC Wiza 200 and HTC MDA 8125 devices does not properly handle the first attempt to establish a Bluetooth connection to a peer with a long name, which allows remote attackers to cause a denial of service (device reboot) by configuring a Bluetooth device with a long hci name and (1) connecting directly to the Windows Mobile system or (2) waiting for the Windows Mobile system to scan for nearby devices.
Microsoft Windows Mobile 6.0 en dispositivos HTC Wiza 200 y HTC MDA 8125 no trata adecuadamente el primer intento de establecer la conexión Bluetooth a un punto con un nombre largo, lo cual permite a atacantes remotos causar denegación de servicio (reinicio de dispositivo) por la configuración de un dispositivo Bluetooth con un nombre hci largo y (1) conexión directamente al sistema Windows Mobile o (2) esperar para escanear dispositivos cercanos del sistema Windows Mobile.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2008-09-26 CVE Reserved
- 2008-09-27 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- 2024-11-09 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
http://secunia.com/advisories/32066 | Third Party Advisory | |
http://www.securityfocus.com/bid/31420 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/45463 | Vdb Entry |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/6582 | 2024-08-07 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Microsoft Search vendor "Microsoft" | Windows Mobile Search vendor "Microsoft" for product "Windows Mobile" | 6.0 Search vendor "Microsoft" for product "Windows Mobile" and version "6.0" | - |
Affected
| in | Htc Search vendor "Htc" | Mda Search vendor "Htc" for product "Mda" | 8125 Search vendor "Htc" for product "Mda" and version "8125" | - |
Safe
|
Microsoft Search vendor "Microsoft" | Windows Mobile Search vendor "Microsoft" for product "Windows Mobile" | 6.0 Search vendor "Microsoft" for product "Windows Mobile" and version "6.0" | - |
Affected
| in | Htc Search vendor "Htc" | Wiza Search vendor "Htc" for product "Wiza" | 200 Search vendor "Htc" for product "Wiza" and version "200" | - |
Safe
|