5 matches found
CVE-2004-0362
CVE-2004-0362 affects ISS PAM ICQ parsing in RealSecure/BlackICE/Proventia products. The issue is multiple stack-based buffer overflows in the ICQ server response handling (SRV_MULTI carrying SRV_USER_ONLINE/SRV_META_USER with long nickname/firstname/lastname/email), enabling remote code executio...
CVE-2006-3840
The CVE-2006-3840 issue affects ISS RealSecure/BlackICE products and related PAM SMB Mailslot parsing. A crafted SMB_Mailslot_Heap_Overflow payload can trigger an infinite loop in the detection code, causing remote DoS with potential client/system unresponsiveness. Affected products include RealS...
CVE-2004-0193
CVE-2004-0193 describes a heap-based buffer overflow in the ISS Protocol Analysis Module (PAM) used by RealSecure/BlackICE products. An SMB authentication request with a long username allows a remote attacker to execute arbitrary code. Affected: RealSecure Network 7.0 and Server Sensor 7.0, Prove...
CVE-2004-2125
The CVE-2004-2125 entry describes a local privilege escalation in BlackICE PC Protection before 3.6.ccb, caused by a buffer overflow in blackd.exe when a long packetLog.fileprefix value is written into the application’s INI file. Affected product: BlackICE PC Protection 3.6 and earlier (3.6.ccb)....
CVE-2005-2711
ISS BlackIce 3.6 and related products (BlackICE PC Protection, BlackICE Server Protection, BlackICE Agent for Server, RealSecure Desktop 3.6/7.0) are affected by a local privilege escalation vulnerability. The root cause is that the Application Protection module does not drop privileges before la...