Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0884

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2015-0884
Last Modified 23 Mar 2015 10:02:17
Published 27 Feb 2015 09:59:33
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2015-0884

Summary

Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32(T) and Service Station before 2.2.14 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

Vulnerable Systems

Application

  • Toshiba Bluetooth Stack 9.10.27%28t%29

  • Toshiba Service Station 2.2.13


References

CERT-VN - VU#632140

CONFIRM - http://www.support.toshiba.com/sscontent?contentId=4007187

CONFIRM - http://www.support.toshiba.com/sscontent?contentId=4007185

MISC - http://jvn.jp/vu/JVNVU99205169/index.html

SECTRACK - 1031825


Last Updated: 27 May 2016 11:07:57