The Bluetooth Stack 2.1 in Microsoft Windows Vista SP1 and SP2 and Windows 7 Gold and SP1 does not prevent access to objects in memory that (1) were not properly initialized or (2) have been deleted, which allows remote attackers to execute arbitrary code via crafted Bluetooth packets, aka "Bluetooth Stack Vulnerability."
References
Link | Resource |
---|---|
http://www.us-cert.gov/cas/techalerts/TA11-193A.html | Third Party Advisory US Government Resource |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-053 | Patch Vendor Advisory |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12094 | Tool Signature |
http://www.us-cert.gov/cas/techalerts/TA11-193A.html | Third Party Advisory US Government Resource |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-053 | Patch Vendor Advisory |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12094 | Tool Signature |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:25
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.us-cert.gov/cas/techalerts/TA11-193A.html - Third Party Advisory, US Government Resource | |
References | () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-053 - Patch, Vendor Advisory | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12094 - Tool Signature |
Information
Published : 2011-07-13 22:55
Updated : 2024-11-21 01:25
NVD link : CVE-2011-1265
Mitre link : CVE-2011-1265
CVE.ORG link : CVE-2011-1265
JSON object : View
Products Affected
microsoft
- windows_vista
- windows_7
bluetooth
- bluetooth_stack
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')