CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Iss: >> Blackice Pc Protection >> 3.6cbr Security Vulnerabilities

CVE-2004-2126

The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users to modify BlackICE configuration or possibly execute arbitrary code by exploiting vulnerabilities in the .INI parsers.

CVSS Score

4.6

EPSS Score

0.002

Published

2004-12-31

CVE-2004-1714

BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule.

CVSS Score

7.1

EPSS Score

0.001

Published

2004-08-11

Page 1

Vulnerabilities

Vulnerable Software

Iss: >> Blackice Pc Protection >> 3.6cbr Security Vulnerabilities

Products

Pricing

Contact Us