Internet Security Systems 3.6 BlackICE Local Denial of Service Vulnerability

ID SSV:82037
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


Internet Security Systems (ISS) BlackICE PC Protection is prone to a local denial-of-service vulnerability because the application fails to properly sanitize user-supplied input.

This vulnerability allows local attackers to crash affected systems, facilitating a denial-of-service condition on the local computer. Remote code execution may also be possible if the vulnerability is exploited in privileged kernel mode.

Versions 3.6.cpn, 3.6.cpj, and 3.6.cpiE are vulnerable to this issue; other versions may also be affected.