CyberSec.Space Logo
Back to CVE Browser

CVE-2005-2716

HIGH
7.5
CVSS Severity Score
EPSS Score0.1190%
EPSS Percentile4.53th
PublishedAug 29, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

The event_pin_code_request function in the btsrv daemon (btsrv.c) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a Bluetooth device name.

Affected Platforms (CPE)

πŸ“¦
Nokia

Affix

= 2.1.2
πŸ“¦
Nokia

Affix

= 3.2.0

References & Advisories

πŸ”— http://affix.sourceforge.net/patch_btsrv_affix_2_1_2
πŸ”— http://affix.sourceforge.net/patch_btsrv_affix_3_2_0
πŸ”— http://marc.info/?l=bugtraq&m=112511370326063&w=2
πŸ”— http://secunia.com/advisories/16574/
πŸ”— http://www.debian.org/security/2005/dsa-796
πŸ”— http://www.digitalmunition.com/DMA%5B2005-0826a%5D.txt
πŸ”— http://www.securityfocus.com/bid/14672
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/22034

Related Vulnerabilities

CVE-2005-227710.0

Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metach...

CVE-2005-22507.5

Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary code v...

CVE-2005-12947.2

The affix_sock_register in the Affix Bluetooth Protocol Stack for Linux might allow local users to gain privileges via a socket ca...

CVE-2018-206776.1

In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.