Title: Toshiba Bluetooth Stack Unspecified Remote Memory Corruption Vulnerability
Severity: CRITICAL
Description:
Toshiba Bluetooth Stack is Bluetooth software for Microsoft Windows platforms.
Toshiba Bluetooth Stack is prone to an unspecified remote memory-corruption vulnerability because the software fails to properly bounds-check user-supplied input containing specially crafted Bluetooth packets.
Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the kernel running the affected software, facilitating the complete compromise of affected computers. Failed exploit attempts likely result in denial-of-service conditions.
Versions 3 through 4.00.35 of the Toshiba Bluetooth stack are vulnerable to this issue. OEM vendors such as Dell, Sony, ASUS, and potentially others include vulnerable versions of the affected software.
This issue may potentially be related to the one described in BID 18527 (Toshiba Bluetooth Stack TOSRFBD.SYS Remote Denial of Service Vulnerability), but this has not been confirmed.
Affected Products:
- Toshiba Bluetooth Stack 3
- Toshiba Bluetooth Stack 4
- Toshiba Bluetooth Stack 4.0.11 (for Dell)
- Toshiba Bluetooth Stack 4.0.23
References:
- Toshiba: Bluetooth Stack Downloads
- Toshiba: Toshiba Home Page
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
