Unrated severityNVD Advisory· Published Jan 14, 2006· Updated Apr 16, 2026
CVE-2006-0212
CVE-2006-0212
Description
Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\ sequences in the RFILE argument of ussp-push.
Affected products
13cpe:2.3:a:toshiba:bluetooth_stack:*:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:toshiba:bluetooth_stack:*:*:*:*:*:*:*:*range: <=4.00.23t
- cpe:2.3:a:toshiba:bluetooth_stack:3.00.11:*:*:*:*:*:*:*
- cpe:2.3:a:toshiba:bluetooth_stack:3.00.12:*:*:*:*:*:*:*
- cpe:2.3:a:toshiba:bluetooth_stack:3.00.31a:*:*:*:*:*:*:*
- cpe:2.3:a:toshiba:bluetooth_stack:3.00.32:*:*:*:*:*:*:*
- cpe:2.3:a:toshiba:bluetooth_stack:3.01.03:*:*:*:*:*:*:*
- cpe:2.3:a:toshiba:bluetooth_stack:3.10.00:*:*:*:*:*:*:*
- cpe:2.3:a:toshiba:bluetooth_stack:3.20.00:*:*:*:*:*:*:*
- cpe:2.3:a:toshiba:bluetooth_stack:3.20.01:*:*:*:*:*:*:*
- cpe:2.3:a:toshiba:bluetooth_stack:3.20.02:*:*:*:*:*:*:*
- cpe:2.3:a:toshiba:bluetooth_stack:3.20.04:*:*:*:*:*:*:*
- cpe:2.3:a:toshiba:bluetooth_stack:4.00.01t:*:*:*:*:*:*:*
- cpe:2.3:a:toshiba:bluetooth_stack:4.00.11:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- www.digitalmunition.com/DMA%5B2006-0112a%5D.txtnvdExploitVendor Advisory
- secunia.com/advisories/18437nvdVendor Advisory
- aps.toshiba-tro.de/bluetooth/pages/driverinfo.phpnvd
- marc.infonvd
- securitytracker.com/idnvd
- www.osvdb.org/22380nvd
- www.securityfocus.com/archive/1/421993/100/0/threadednvd
- www.securityfocus.com/bid/16236nvd
- www.vupen.com/english/advisories/2006/0184nvd
News mentions
0No linked articles in our index yet.