Vulnerability Report

CVE-2006-3146

Title: Toshiba Bluetooth Stack Memory Corruption

Memory Corruption

Proof Of Concept

No public PoC currently indexed for CVE-2006-3146.

CWE Category CWE-119

Published Date Jun 22, 2006

Modified Date Apr 03, 2025

Exploit Status Not Found

Score 5.0 CVSS v2.0

Exploit Probability (EPSS)

5.23%

Vulnerability Summary

CVE-2006-3146: The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier on Windows allows remote attackers to cause a denial of service (reboot) via a L2CAP echo request that triggers an out-of-bounds memory access, similar to "Ping o' Death" and as demonstrated by BlueSmack. NOTE: this issue was originally reported for 4.00.23.

Impacted Vendors

toshiba 1

bavarian_motor_works 1

Reference Links

http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2 http://attrition.org/pipermail/vim/2006-October/001085.html http://briankrebswatch.blogspot.com/2006/10/more-on-toshiba-patches.html http://secunia.com/advisories/20657 http://securitytracker.com/id?1016345 http://trifinite.org/blog/archives/2006/06/update_tosiba_a.html http://trifinite.org/trifinite_advisory_toshiba.html http://www.osvdb.org/26686 http://www.securityfocus.com/archive/1/437811/100/0/threaded http://www.securityfocus.com/bid/18527 http://www.vupen.com/english/advisories/2006/2455 https://exchange.xforce.ibmcloud.com/vulnerabilities/27228 http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2 http://attrition.org/pipermail/vim/2006-October/001085.html http://briankrebswatch.blogspot.com/2006/10/more-on-toshiba-patches.html http://secunia.com/advisories/20657 http://securitytracker.com/id?1016345 http://trifinite.org/blog/archives/2006/06/update_tosiba_a.html http://trifinite.org/trifinite_advisory_toshiba.html http://www.osvdb.org/26686 http://www.securityfocus.com/archive/1/437811/100/0/threaded http://www.securityfocus.com/bid/18527 http://www.vupen.com/english/advisories/2006/2455 https://exchange.xforce.ibmcloud.com/vulnerabilities/27228

CVSS v2.0

Source Entity [email protected]

Severity MEDIUM

5.0

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:L/Au:N/C:N/I:N/A:P

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2006-3146 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

April 03, 2025 MODIFIED

Vulnerability data or affected products updated.

June 22, 2006 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:L/Au:N/C:N/I:N/A:P

Affected Stack

No specific products linked.