CVE-2008-4295

Microsoft Windows Mobile 6.0 - Denial of Service via Bluetooth Long Name Handling

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-4295. PoCs published by Julien Bedard.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Windows Mobile 6 (WM6) via Bluetooth. It sends an overly long device name (90,000 'A' characters) to trigger a denial-of-service (reboot) condition. The PoC demonstrates two methods: direct connection to a known Bluetooth address or passive exploitation by setting a malicious device name and waiting for the target to discover it.

Description

Microsoft Windows Mobile 6.0 on HTC Wiza 200 and HTC MDA 8125 devices does not properly handle the first attempt to establish a Bluetooth connection to a peer with a long name, which allows remote attackers to cause a denial of service (device reboot) by configuring a Bluetooth device with a long hci name and (1) connecting directly to the Windows Mobile system or (2) waiting for the Windows Mobile system to scan for nearby devices.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Julien Bedard · perldoshardware
https://www.exploit-db.com/exploits/6582

This exploit targets a buffer overflow vulnerability in Windows Mobile 6 (WM6) via Bluetooth. It sends an overly long device name (90,000 'A' characters) to trigger a denial-of-service (reboot) condition. The PoC demonstrates two methods: direct connection to a known Bluetooth address or passive exploitation by setting a malicious device name and waiting for the target to discover it.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Windows Mobile 6 (fully patched)
No auth needed
Prerequisites: Bluetooth-enabled device with Perl and Net::Bluetooth module · Target device must have Bluetooth enabled and be discoverable
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/45463
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32066
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/31420
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/6582

Scores

EPSS 0.3014
EPSS Percentile 98.0%

Details

CWE
CWE-20
Status published
Products (1)
microsoft/windows_mobile 6.0
Published Sep 27, 2008
Tracked Since Feb 18, 2026