Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stack in Windows Mobile 6 Professional, and probably Windows Mobile 5.0 for Pocket PC and 5.0 for Pocket PC Phone Edition, allows remote authenticated users to list arbitrary directories, and create or read arbitrary files, via a .. (dot dot) in a pathname. NOTE: this can be leveraged for code execution by writing to a Startup folder.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Windows Mobile OBEX FTP服务目录遍历漏洞
Vulnerability Description
Windows Mobile是微软开发的用于手机等移动设备的操作系统。 大多数Windows Mobile操作系统都捆绑的Microsoft蓝牙栈,OBEX FTP是蓝牙栈中最常见的服务。 可使用OBEX FTP蓝牙服务通过蓝牙共享文件。通常该服务配置为仅共享特定的目录,用户可在该目录放置所有希望共享的文件。默认的目录为My Device\My Documents\Bluetooth Share。 OBEX FTP服务中存在目录遍历漏洞,通过认证的远程攻击者可以使用ObexFTP等工具遍历出默认蓝牙共享目
CVSS Information
N/A
Vulnerability Type
N/A