Vulnerabilities > CVE-2005-4417 - Remote Security vulnerability in Blue Usb-130-250 Software

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

anycom

belkin

widcomm

exploit available

NVD

Published: 2005-12-20

Updated: 2018-10-19

Summary

The default configuration of Widcomm Bluetooth for Windows (BTW) 4.0.1.1500 and earlier, as installed on Belkin Bluetooth Software 1.4.2 Build 10 and ANYCOM Blue USB-130-250 Software 4.0.1.1500, and possibly other devices, sets null Authentication and Authorization values, which allows remote attackers to send arbitrary audio and possibly eavesdrop using the microphone via the Hands Free Audio Gateway and Headset profile.

Vulnerable Configurations

Part	Description	Count
Application	Anycom Anycom Blue USB 130 250 Software 4.0.1.1500	1
Application	Belkin Belkin Bluetooth Software 1.4.2_Build_10	1
Application	Widcomm Widcomm Bluetooth FOR Windows 4.0.1.1500	1

Exploit-Db

description	WIDCOMM Bluetooth Software < 3.0 Remote Buffer Overflow Exploit. CVE-2005-4417. Remote exploit for windows platform
id	EDB-ID:1357
last seen	2016-01-31
modified	2005-12-04
published	2005-12-04
reporter	Kevin Finisterre
source	https://www.exploit-db.com/download/1357/
title	WIDCOMM Bluetooth Software < 3.0 - Remote Buffer Overflow Exploit

References

http://www.securityfocus.com/archive/1/419642/100/0/threaded