CVE-2011-1265

Description

The Bluetooth Stack 2.1 in Microsoft Windows Vista SP1 and SP2 and Windows 7 Gold and SP1 does not prevent access to objects in memory that (1) were not properly initialized or (2) have been deleted, which allows remote attackers to execute arbitrary code via crafted Bluetooth packets, aka "Bluetooth Stack Vulnerability."

CVSS breakdown

CVSS 3.1

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

Bluetooth / bluetooth_stack2.1 – 2.1
Microsoft / Windows 7
Microsoft / windows_vista
Microsoft / windows_vista

References

MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12094
MISChttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-053
MISChttp://www.us-cert.gov/cas/techalerts/TA11-193A.html