CVE-2015-0884

Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32(T) and Service Station before 2.2.14 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
jpcertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
VendorProductVersion
toshibabluetooth_stack
9.10.27\(t\)
toshibaservice_station
𝑥
≤ 2.2.13
𝑥
= Vulnerable software versions
References
http://jvn.jp/vu/JVNVU99205169/index.html
http://www.kb.cert.org/vuls/id/632140
http://www.securitytracker.com/id/1031825
http://www.support.toshiba.com/sscontent?contentId=4007185
http://www.support.toshiba.com/sscontent?contentId=4007187
http://jvn.jp/vu/JVNVU99205169/index.html
http://www.kb.cert.org/vuls/id/632140
http://www.securitytracker.com/id/1031825
http://www.support.toshiba.com/sscontent?contentId=4007185
http://www.support.toshiba.com/sscontent?contentId=4007187