Vulnerability Details CVE-2004-1714
BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.4%
CVSS Severity
CVSS v3 Score 7.1
CVSS v2 Score 2.1
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html
- http://marc.info/?l=bugtraq&m=109223751031166&w=2
- http://www.securityfocus.com/bid/10915
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16959
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html
- http://marc.info/?l=bugtraq&m=109223751031166&w=2
- http://www.securityfocus.com/bid/10915
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16959
Products affected by CVE-2004-1714
-
cpe:2.3:a:iss:blackice_pc_protection:3.6cbd
-
cpe:2.3:a:iss:blackice_pc_protection:3.6cbr
-
cpe:2.3:a:iss:blackice_pc_protection:3.6cbz
-
cpe:2.3:a:iss:blackice_pc_protection:3.6cca
-
cpe:2.3:a:iss:blackice_pc_protection:3.6ccb
-
cpe:2.3:a:iss:blackice_pc_protection:3.6ccc
-
cpe:2.3:a:iss:blackice_pc_protection:3.6ccd
-
cpe:2.3:a:iss:blackice_pc_protection:3.6cce
-
cpe:2.3:a:iss:blackice_pc_protection:3.6ccf
-
cpe:2.3:a:iss:blackice_pc_protection:3.6ccg
-
cpe:2.3:a:iss:blackice_server_protection:3.5cdf
-
cpe:2.3:a:iss:blackice_server_protection:3.6cbz
-
cpe:2.3:a:iss:blackice_server_protection:3.6cca
-
cpe:2.3:a:iss:blackice_server_protection:3.6ccb
-
cpe:2.3:a:iss:blackice_server_protection:3.6ccc
-
cpe:2.3:a:iss:blackice_server_protection:3.6ccd
-
cpe:2.3:a:iss:blackice_server_protection:3.6cce
-
cpe:2.3:a:iss:blackice_server_protection:3.6ccf
-
cpe:2.3:a:iss:blackice_server_protection:3.6ccg
-
cpe:2.3:a:iss:blackice_server_protection:3.6cch
-
cpe:2.3:a:iss:blackice_server_protection:3.6cno