CVE-2006-6908

Name of the Vulnerable Software and Affected Versions: Widcomm Stack versions 3.x and earlier Widcomm BTStackServer versions 1.3.2.7 through 1.4.2.10 Widcomm Bluetooth Communication Software version 1.4.1.03 Bluetooth implementation on Windows Mobile or Windows CE on the HP IPAQ 2215 and 5450

Description: The issue is a buffer overflow in the Bluetooth Stack COM Server in the Widcomm Bluetooth stack. This allows remote attackers to cause a denial of service, resulting in a service crash, and possibly execute arbitrary code via unspecified vectors.

Recommendations: For Widcomm Stack versions 3.x and earlier, update to a version later than 3.x to resolve the issue. For Widcomm BTStackServer versions 1.3.2.7 through 1.4.2.10, update to a version later than 1.4.2.10 to resolve the issue. For Widcomm Bluetooth Communication Software version 1.4.1.03, update to a version later than 1.4.1.03 to resolve the issue. For the Bluetooth implementation on Windows Mobile or Windows CE on the HP IPAQ 2215 and 5450, consider disabling the Bluetooth functionality until a patch is available.