Lucene search

[email protected]CVE-2004-2125

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2125

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-2125

buffer overflow

blackice pc protection

system privileges

local exploit

7.2 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

24.5%

JSON

Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value.

CPENameOperatorVersion
iss:realsecure_desktopiss realsecure desktopeq7.0ebg
iss:blackice_pc_protectioniss blackice pc protectioneq3.6cbd
iss:blackice_agent_serveriss blackice agent servereq3.6eca
iss:blackice_server_protectioniss blackice server protectioneq3.6cbz
iss:realsecure_desktopiss realsecure desktopeq3.6eca

CPE	Name	Operator	Version
iss:realsecure_desktop	iss realsecure desktop	eq	7.0ebg
iss:blackice_pc_protection	iss blackice pc protection	eq	3.6cbd
iss:blackice_agent_server	iss blackice agent server	eq	3.6eca
iss:blackice_server_protection	iss blackice server protection	eq	3.6cbz
iss:realsecure_desktop	iss realsecure desktop	eq	3.6eca

References

archives.neohapsis.com/archives/iss/2004-q1/0157.html

marc.info/?l=bugtraq&m=107530966524193&w=2

secunia.com/advisories/10739

www.osvdb.org/3740

www.securityfocus.com/bid/9514

exchange.xforce.ibmcloud.com/vulnerabilities/14965

7.2 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

24.5%

JSON

Related for CVE-2004-2125

nessus1