CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-2126

The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users to modify BlackICE configuration or possibly execute arbitrary code by exploiting vulnerabilities in the .INI parsers.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.0%

CVSS Severity

CVSS v2 Score 4.6

References

http://marc.info/?l=bugtraq&m=107530966524193&w=2
http://www.securityfocus.com/bid/9513
http://marc.info/?l=bugtraq&m=107530966524193&w=2
http://www.securityfocus.com/bid/9513

Products affected by CVE-2004-2126

Iss » Blackice Pc Protection » Version: N/A

cpe:2.3:a:iss:blackice_pc_protection:-
Iss » Blackice Pc Protection » Version: 3.6

cpe:2.3:a:iss:blackice_pc_protection:3.6
Iss » Blackice Pc Protection » Version: 3.6cbd

cpe:2.3:a:iss:blackice_pc_protection:3.6cbd
Iss » Blackice Pc Protection » Version: 3.6cbr

cpe:2.3:a:iss:blackice_pc_protection:3.6cbr
Iss » Blackice Pc Protection » Version: 3.6cbz

cpe:2.3:a:iss:blackice_pc_protection:3.6cbz

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2126

Products

Pricing

Contact Us