Remote Code Execution Vulnerability in Microsoft Windows Bluetooth Stack
CVE-2008-1453

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Xp; Windows-nt; Windows Vista
Vendor: CVE Published:; 12 June 2008

What is CVE-2008-1453?

The Bluetooth stack in specific versions of Microsoft Windows, including Windows XP SP2, SP3, and Vista Gold and SP1, contains a vulnerability that allows attackers in close proximity to execute arbitrary code. This exploitation occurs through the manipulation of a series of malformed Service Discovery Protocol (SDP) packets, potentially leading to unauthorized actions being executed on the affected system.

References

http://www.vupen.com/english/advisories/2008/1777

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/29522

vdb-entryx_refsource_BID

http://www.us-cert.gov/cas/techalerts/TA08-162B.html

third-party-advisoryx_refsource_CERT

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 12, 2008
Vulnerability Reserved
Mar 21, 2008