Vulnerabilities > ISS > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-05-16 | CVE-2007-2690 | Remote Security vulnerability in ISS products Multiple IBM ISS Proventia Series products, including the A, G, and M series, do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic. | 7.8 |
| 2005-12-31 | CVE-2005-2711 | Local Privilege Escalation vulnerability in Internet Security Systems BlackICE and RealSecure Desktop ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the "More Info" button in the "Application Protection" dialog, which allows local users to execute arbitrary programs as SYSTEM. | 7.2 |
| 2004-08-11 | CVE-2004-1714 | Incorrect Permission Assignment for Critical Resource vulnerability in ISS Blackice PC Protection and Blackice Server Protection BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule. | 7.1 |
| 2004-04-15 | CVE-2004-0362 | Buffer Overflow vulnerability in Internet Security Systems Protocol Analysis Module ICQ Parsing Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm. | 7.5 |
| 2004-03-15 | CVE-2004-0193 | Heap Overflow vulnerability in Internet Security Systems Protocol Analysis Module SMB Parsing Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username. | 7.5 |
| 2002-10-04 | CVE-2002-0956 | Unspecified vulnerability in ISS Blackice Agent 3.1Eal BlackICE Agent 3.1.eal does not always reactivate after a system standby, which could allow remote attackers and local users to bypass intended firewall restrictions. | 7.5 |
| 2002-09-24 | CVE-2002-1122 | Buffer Overflow vulnerability in ISS Internet Scanner 6.2.1 Buffer overflow in the parsing mechanism for ISS Internet Scanner 6.2.1, when using the license banner HTTP check, allows remote attackers to execute arbitrary code via a long web server response. | 7.5 |
| 2002-05-29 | CVE-2002-0237 | Buffer Overflow vulnerability in ISS products Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE Agent 3.0 and 3.1, and RealSecure Server Sensor 6.0.1 and 6.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a flood of large ICMP ping packets. | 7.5 |
| 2001-10-30 | CVE-2001-0669 | Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard "%u" Unicode encoding of ASCII characters in the requested URL. | 7.5 |
| 2000-06-22 | CVE-2000-0562 | Unspecified vulnerability in ISS Blackice Agent and Blackice Defender BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and earlier, do not properly block Back Orifice traffic when the security setting is Nervous or lower. | 7.5 |