CVE-2015-0884

Sažetak

Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32(T) and Service Station before 2.2.14 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

Reference

http://jvn.jp/vu/JVNVU99205169/index.html
http://www.kb.cert.org/vuls/id/632140
http://www.securitytracker.com/id/1031825
http://www.support.toshiba.com/sscontent?contentId=4007185
http://www.support.toshiba.com/sscontent?contentId=4007187

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

19-11-2015 - 17:00

Objavljeno

28-02-2015 - 02:59