• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

WIDCOMM Bluetooth Communication Software Multiple Unspecified Buffer Overflow Vulnerabilities

WIDCOMM Bluetooth Communication Software is susceptible to multiple unspecified remote buffer overflow vulnerabilities. These vulnerabilities exist due to insufficient boundary checks performed by the application.

An unauthenticated remote attacker can trigger an overflow conditions by supplying malformed service requests.

Various devices from multiple vendors are thought to be affected by these issues, as they are implemented with WIDCOMM software. These issues have been verified by the researchers in BTStackServer version 1.3.2.7 and 1.4.2.10 running on Microsoft Windows XP and Windows 98. HP IPAQ 5450 running WinCE 3.0 with Bluetooth software version 1.4.1.03 is reported prone as well.

WIDCOMM Bluetooth Communication Software BTW & BT-CE/PPC 3.0 do not appear to be affected by these issues.