Vulnerabilities > ISS > Blackice PC Protection

DATE CVE VULNERABILITY TITLE RISK
2007-03-06 CVE-2006-7129 Unspecified vulnerability in ISS Blackice PC Protection 3.6Cpj/3.6Cpu
ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files.
local
low complexity
iss
2.1
2006-09-05 CVE-2006-4541 Improper Input Validation vulnerability in ISS Blackice PC Protection
RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function.
local
low complexity
iss CWE-20
4.6
2006-08-05 CVE-2006-3999 Local Security vulnerability in ISS Blackice PC Protection 3.6Cpie/3.6Cpj
ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor the integrity of the pamversion.dll BlackICE library, which allows local users to subvert BlackICE by replacing pamversion.dll.
local
low complexity
iss
4.6
2006-07-27 CVE-2006-3840 Resource Management Errors vulnerability in ISS products
The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode.
network
low complexity
iss CWE-399
5.0
2005-12-31 CVE-2005-2711 Local Privilege Escalation vulnerability in Internet Security Systems BlackICE and RealSecure Desktop
ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the "More Info" button in the "Application Protection" dialog, which allows local users to execute arbitrary programs as SYSTEM.
local
low complexity
iss
7.2
2004-12-31 CVE-2004-2126 Unspecified vulnerability in ISS Blackice PC Protection
The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users to modify BlackICE configuration or possibly execute arbitrary code by exploiting vulnerabilities in the .INI parsers.
local
low complexity
iss
4.6
2004-12-31 CVE-2004-2125 Local Buffer Overrun vulnerability in Internet Security Systems BlackICE PC Protection blackd.exe
Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value.
local
low complexity
iss
4.6
2004-08-11 CVE-2004-1714 Incorrect Permission Assignment for Critical Resource vulnerability in ISS Blackice PC Protection and Blackice Server Protection
BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule.
local
low complexity
iss CWE-732
7.1
2004-04-15 CVE-2004-0362 Buffer Overflow vulnerability in Internet Security Systems Protocol Analysis Module ICQ Parsing
Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.
network
low complexity
iss
7.5
2004-03-15 CVE-2004-0193 Heap Overflow vulnerability in Internet Security Systems Protocol Analysis Module SMB Parsing
Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username.
network
low complexity
iss
7.5