Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4295


Vulnerability Score 5.4 5.4
CVE Id CVE-2008-4295
Last Modified 18 Nov 2008 02:21:51
Published 27 Sep 2008 06:30:03
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE



Microsoft Windows Mobile 6.0 on HTC Wiza 200 and HTC MDA 8125 devices does not properly handle the first attempt to establish a Bluetooth connection to a peer with a long name, which allows remote attackers to cause a denial of service (device reboot) by configuring a Bluetooth device with a long hci name and (1) connecting directly to the Windows Mobile system or (2) waiting for the Windows Mobile system to scan for nearby devices.

Vulnerable Systems

Operating System

  • Microsoft Windows Mobile 6.0


XF - windowsmobile-bluetooth-dos(45463)

BID - 31420

MILW0RM - 6582

SECUNIA - 32066

Last Updated: 27 May 2016 10:48:27