Blackice Server Protection
by Iss
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-1714 | Hig | 0.49 | 7.1 | 0.01 | Aug 11, 2004 | BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying… | ||
| CVE-2004-0362 | 0.09 | — | 0.73 | Apr 15, 2004 | Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a… | |||
| CVE-2004-0193 | 0.01 | — | 0.08 | Mar 15, 2004 | Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection… | |||
| CVE-2006-3840 | 0.00 | — | 0.02 | Jul 27, 2006 | The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service… | |||
| CVE-2005-2711 | 0.00 | — | 0.00 | Dec 31, 2005 | ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the "More Info" button in the "Application Protection" dialog, which… | |||
| CVE-2004-2125 | 0.00 | — | 0.00 | Dec 31, 2004 | Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value. | |||
| CVE-2003-1527 | 0.00 | — | 0.01 | Dec 31, 2003 | BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. |
- risk 0.49cvss 7.1epss 0.01
BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying…
- CVE-2004-0362Apr 15, 2004risk 0.09cvss —epss 0.73
Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a…
- CVE-2004-0193Mar 15, 2004risk 0.01cvss —epss 0.08
Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection…
- CVE-2006-3840Jul 27, 2006risk 0.00cvss —epss 0.02
The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service…
- CVE-2005-2711Dec 31, 2005risk 0.00cvss —epss 0.00
ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the "More Info" button in the "Application Protection" dialog, which…
- CVE-2004-2125Dec 31, 2004risk 0.00cvss —epss 0.00
Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value.
- CVE-2003-1527Dec 31, 2003risk 0.00cvss —epss 0.01
BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.