Search Results (Refine Search)
- CPE Product Version: cpe:/o:microsoft:windows_mobile:6.0::pro
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2009-0244 |
Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stack in Windows Mobile 6 Professional, and probably Windows Mobile 5.0 for Pocket PC and 5.0 for Pocket PC Phone Edition, allows remote authenticated users to list arbitrary directories, and create or read arbitrary files, via a .. (dot dot) in a pathname. NOTE: this can be leveraged for code execution by writing to a Startup folder. Published: January 21, 2009; 3:30:00 PM -0500 |
V3.1: 8.8 HIGH V2.0: 8.5 HIGH |