CVE-2015-0884
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
28/02/2015
Last modified:
12/04/2025
Description
Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32(T) and Service Station before 2.2.14 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.
Impact
Base Score 2.0
6.90
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:toshiba:bluetooth_stack:9.10.27\(t\):*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* | ||
| cpe:2.3:a:toshiba:service_station:*:*:*:*:*:*:*:* | 2.2.13 (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://jvn.jp/vu/JVNVU99205169/index.html
- http://www.kb.cert.org/vuls/id/632140
- http://www.securitytracker.com/id/1031825
- http://www.support.toshiba.com/sscontent?contentId=4007185
- http://www.support.toshiba.com/sscontent?contentId=4007187
- http://jvn.jp/vu/JVNVU99205169/index.html
- http://www.kb.cert.org/vuls/id/632140
- http://www.securitytracker.com/id/1031825
- http://www.support.toshiba.com/sscontent?contentId=4007185
- http://www.support.toshiba.com/sscontent?contentId=4007187