Blackice Pc Protection Security Vulnerabilities and Issues — Blackice Pc Protection CVE List

Lucene search

IssBlackice Pc Protection

10 matches found

CVE•added 2004/04/15 4:0 a.m.•58 views

CVE-2004-0362

Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response pac...

7.5CVSS7.7AI score0.82829EPSS

CVE•added 2006/07/27 11:4 a.m.•52 views

CVE-2006-3840

The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafte...

5CVSS6.6AI score0.02725EPSS

CVE•added 2004/09/01 4:0 a.m.•42 views

CVE-2004-0193

Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Serv...

7.5CVSS8.2AI score0.32157EPSS

CVE•added 2005/05/27 4:0 a.m.•38 views

CVE-2004-2125

Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value.

4.6CVSS7AI score0.00122EPSS

CVE•added 2005/05/27 4:0 a.m.•38 views

CVE-2004-2126

The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users to modify BlackICE configuration or possibly execute arbitrary code by exploiting vulnerabilities in...

4.6CVSS7.3AI score0.00222EPSS

CVE•added 2006/03/24 2:0 a.m.•38 views

CVE-2005-2711

ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the "More Info" button in the "Application Protection" dialog, which allows local users to ex...

7.2CVSS7.1AI score0.00064EPSS

CVE•added 2007/03/06 1:19 a.m.•38 views

CVE-2006-7129

ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files.

2.1CVSS6.5AI score0.00212EPSS

CVE•added 2006/09/05 11:4 p.m.•36 views

CVE-2006-4541

RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected.

4.6CVSS6.7AI score0.00339EPSS

CVE•added 2005/02/26 5:0 a.m.•35 views

CVE-2004-1714

BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to cont...

7.1CVSS6.7AI score0.00141EPSS

CVE•added 2006/08/05 1:4 a.m.•28 views

CVE-2006-3999

ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor the integrity of the pamversion.dll BlackICE library, which allows local users to subvert BlackICE by replacing pamversion.dll. NOTE: in most cases, the attack would not cross privilege boundaries be...

4.6CVSS6.5AI score0.00063EPSS