Search

Find a vulnerability

Search criteria

    20 vulnerabilities found for blackice_pc_protection by iss

    CVE-2006-7129 (GCVE-0-2006-7129)

    Vulnerability from nvd – Published: 2007-03-06 01:00 – Updated: 2024-08-07 20:50
    VLAI
    Summary
    ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://archives.neohapsis.com/archives/fulldisclo… mailing-listx_refsource_FULLDISC
    http://securityreason.com/securityalert/2361 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/20546 vdb-entryx_refsource_BID
    http://www.osvdb.org/30901 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/archive/1/448763/100… mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.matousec.com/info/advisories/BlackICE-… x_refsource_MISC
    Date Public
    2006-10-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:50:06.200Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0298.html"
              },
              {
                "name": "2361",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/2361"
              },
              {
                "name": "20546",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20546"
              },
              {
                "name": "30901",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/30901"
              },
              {
                "name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/448763/100/0/threaded"
              },
              {
                "name": "blackice-filelock-protection-bypass(29575)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29575"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-10-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0298.html"
            },
            {
              "name": "2361",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/2361"
            },
            {
              "name": "20546",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20546"
            },
            {
              "name": "30901",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/30901"
            },
            {
              "name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/448763/100/0/threaded"
            },
            {
              "name": "blackice-filelock-protection-bypass(29575)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29575"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-7129",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0298.html"
                },
                {
                  "name": "2361",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/2361"
                },
                {
                  "name": "20546",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20546"
                },
                {
                  "name": "30901",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/30901"
                },
                {
                  "name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/448763/100/0/threaded"
                },
                {
                  "name": "blackice-filelock-protection-bypass(29575)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29575"
                },
                {
                  "name": "http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-7129",
        "datePublished": "2007-03-06T01:00:00.000Z",
        "dateReserved": "2007-03-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:50:06.200Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4541 (GCVE-0-2006-4541)

    Vulnerability from nvd – Published: 2006-09-05 23:00 – Updated: 2024-08-07 19:14
    VLAI
    Summary
    RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2006-09-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:14:47.447Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1512",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1512"
              },
              {
                "name": "28332",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/28332"
              },
              {
                "name": "21710",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21710"
              },
              {
                "name": "20060901 ISS BlackICE PC Protection Insufficient validation of arguments of NtOpenSection Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/444958/100/0/threaded"
              },
              {
                "name": "19800",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19800"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
              },
              {
                "name": "ADV-2006-3431",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3431"
              },
              {
                "name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1512",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1512"
            },
            {
              "name": "28332",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/28332"
            },
            {
              "name": "21710",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21710"
            },
            {
              "name": "20060901 ISS BlackICE PC Protection Insufficient validation of arguments of NtOpenSection Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/444958/100/0/threaded"
            },
            {
              "name": "19800",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19800"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
            },
            {
              "name": "ADV-2006-3431",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3431"
            },
            {
              "name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4541",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1512",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1512"
                },
                {
                  "name": "28332",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/28332"
                },
                {
                  "name": "21710",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21710"
                },
                {
                  "name": "20060901 ISS BlackICE PC Protection Insufficient validation of arguments of NtOpenSection Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/444958/100/0/threaded"
                },
                {
                  "name": "19800",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19800"
                },
                {
                  "name": "http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php"
                },
                {
                  "name": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
                },
                {
                  "name": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
                },
                {
                  "name": "ADV-2006-3431",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3431"
                },
                {
                  "name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4541",
        "datePublished": "2006-09-05T23:00:00.000Z",
        "dateReserved": "2006-09-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:14:47.447Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3999 (GCVE-0-2006-3999)

    Vulnerability from nvd – Published: 2006-08-05 01:00 – Updated: 2024-08-07 18:48
    VLAI
    Summary
    ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor the integrity of the pamversion.dll BlackICE library, which allows local users to subvert BlackICE by replacing pamversion.dll. NOTE: in most cases, the attack would not cross privilege boundaries because replacing pamversion.dll requires administrative privileges. However, this issue is a vulnerability because BlackICE is intended to protect against certain rogue privileged actions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1016618 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/archive/1/441829/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/1338 third-party-advisoryx_refsource_SREASON
    Date Public
    2006-08-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:48:39.409Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1016618",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016618"
              },
              {
                "name": "20060801 ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/441829/100/0/threaded"
              },
              {
                "name": "1338",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1338"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-08-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor the integrity of the pamversion.dll BlackICE library, which allows local users to subvert BlackICE by replacing pamversion.dll.  NOTE: in most cases, the attack would not cross privilege boundaries because replacing pamversion.dll requires administrative privileges. However, this issue is a vulnerability because BlackICE is intended to protect against certain rogue privileged actions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1016618",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016618"
            },
            {
              "name": "20060801 ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/441829/100/0/threaded"
            },
            {
              "name": "1338",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1338"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-3999",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor the integrity of the pamversion.dll BlackICE library, which allows local users to subvert BlackICE by replacing pamversion.dll.  NOTE: in most cases, the attack would not cross privilege boundaries because replacing pamversion.dll requires administrative privileges. However, this issue is a vulnerability because BlackICE is intended to protect against certain rogue privileged actions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1016618",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016618"
                },
                {
                  "name": "20060801 ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/441829/100/0/threaded"
                },
                {
                  "name": "1338",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1338"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-3999",
        "datePublished": "2006-08-05T01:00:00.000Z",
        "dateReserved": "2006-08-04T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:48:39.409Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3840 (GCVE-0-2006-3840)

    Vulnerability from nvd – Published: 2006-07-27 10:00 – Updated: 2024-08-07 18:48
    VLAI
    Summary
    The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://iss.custhelp.com/cgi-bin/iss.cfg/php/endu… x_refsource_CONFIRM
    http://www.securityfocus.com/archive/1/441278/100… mailing-listx_refsource_BUGTRAQ
    http://www.nsfocus.com/english/homepage/research/… x_refsource_MISC
    http://secunia.com/advisories/21219 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/2996 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1016592 vdb-entryx_refsource_SECTRACK
    http://xforce.iss.net/xforce/alerts/id/230 third-party-advisoryx_refsource_ISS
    http://www.securityfocus.com/bid/19178 vdb-entryx_refsource_BID
    http://securitytracker.com/id?1016590 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://securitytracker.com/id?1016591 vdb-entryx_refsource_SECTRACK
    Date Public
    2006-07-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:48:39.136Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
              },
              {
                "name": "20060727 NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
              },
              {
                "name": "21219",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21219"
              },
              {
                "name": "ADV-2006-2996",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2996"
              },
              {
                "name": "1016592",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016592"
              },
              {
                "name": "20060726 Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_ISS",
                  "x_transferred"
                ],
                "url": "http://xforce.iss.net/xforce/alerts/id/230"
              },
              {
                "name": "19178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19178"
              },
              {
                "name": "1016590",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016590"
              },
              {
                "name": "pam-smb-mailslot-dos(27965)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
              },
              {
                "name": "1016591",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016591"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-07-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
            },
            {
              "name": "20060727 NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
            },
            {
              "name": "21219",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21219"
            },
            {
              "name": "ADV-2006-2996",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2996"
            },
            {
              "name": "1016592",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016592"
            },
            {
              "name": "20060726 Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products",
              "tags": [
                "third-party-advisory",
                "x_refsource_ISS"
              ],
              "url": "http://xforce.iss.net/xforce/alerts/id/230"
            },
            {
              "name": "19178",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19178"
            },
            {
              "name": "1016590",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016590"
            },
            {
              "name": "pam-smb-mailslot-dos(27965)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
            },
            {
              "name": "1016591",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016591"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-3840",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630",
                  "refsource": "CONFIRM",
                  "url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
                },
                {
                  "name": "20060727 NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
                },
                {
                  "name": "http://www.nsfocus.com/english/homepage/research/0607.htm",
                  "refsource": "MISC",
                  "url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
                },
                {
                  "name": "21219",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21219"
                },
                {
                  "name": "ADV-2006-2996",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2996"
                },
                {
                  "name": "1016592",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016592"
                },
                {
                  "name": "20060726 Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products",
                  "refsource": "ISS",
                  "url": "http://xforce.iss.net/xforce/alerts/id/230"
                },
                {
                  "name": "19178",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19178"
                },
                {
                  "name": "1016590",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016590"
                },
                {
                  "name": "pam-smb-mailslot-dos(27965)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
                },
                {
                  "name": "1016591",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016591"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-3840",
        "datePublished": "2006-07-27T10:00:00.000Z",
        "dateReserved": "2006-07-25T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:48:39.136Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-2711 (GCVE-0-2005-2711)

    Vulnerability from nvd – Published: 2006-03-24 02:00 – Updated: 2024-08-07 22:45
    VLAI
    Summary
    ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the "More Info" button in the "Application Protection" dialog, which allows local users to execute arbitrary programs as SYSTEM.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/17218 vdb-entryx_refsource_BID
    http://securitytracker.com/id?1015820 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/24096 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2006/1090 vdb-entryx_refsource_VUPEN
    http://www.idefense.com/intelligence/vulnerabilit… third-party-advisoryx_refsource_IDEFENSE
    http://securitytracker.com/id?1015821 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/19327 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-03-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T22:45:02.167Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "17218",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17218"
              },
              {
                "name": "1015820",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015820"
              },
              {
                "name": "blackice-appprotection-privilege-escalation(25423)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25423"
              },
              {
                "name": "24096",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24096"
              },
              {
                "name": "ADV-2006-1090",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1090"
              },
              {
                "name": "20060323 ISS Multiple Products Local Privilege Escalation Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=403"
              },
              {
                "name": "1015821",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015821"
              },
              {
                "name": "19327",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19327"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the \"More Info\" button in the \"Application Protection\" dialog, which allows local users to execute arbitrary programs as SYSTEM."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "17218",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17218"
            },
            {
              "name": "1015820",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015820"
            },
            {
              "name": "blackice-appprotection-privilege-escalation(25423)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25423"
            },
            {
              "name": "24096",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24096"
            },
            {
              "name": "ADV-2006-1090",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1090"
            },
            {
              "name": "20060323 ISS Multiple Products Local Privilege Escalation Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=403"
            },
            {
              "name": "1015821",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015821"
            },
            {
              "name": "19327",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19327"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-2711",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the \"More Info\" button in the \"Application Protection\" dialog, which allows local users to execute arbitrary programs as SYSTEM."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "17218",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17218"
                },
                {
                  "name": "1015820",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015820"
                },
                {
                  "name": "blackice-appprotection-privilege-escalation(25423)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25423"
                },
                {
                  "name": "24096",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24096"
                },
                {
                  "name": "ADV-2006-1090",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1090"
                },
                {
                  "name": "20060323 ISS Multiple Products Local Privilege Escalation Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=403"
                },
                {
                  "name": "1015821",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015821"
                },
                {
                  "name": "19327",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19327"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-2711",
        "datePublished": "2006-03-24T02:00:00.000Z",
        "dateReserved": "2005-08-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T22:45:02.167Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-2125 (GCVE-0-2004-2125)

    Vulnerability from nvd – Published: 2005-05-27 04:00 – Updated: 2024-08-08 01:15
    VLAI
    Summary
    Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/9514 vdb-entryx_refsource_BID
    http://www.osvdb.org/3740 vdb-entryx_refsource_OSVDB
    http://marc.info/?l=bugtraq&m=107530966524193&w=2 mailing-listx_refsource_BUGTRAQ
    http://archives.neohapsis.com/archives/iss/2004-q… mailing-listx_refsource_MLIST
    http://secunia.com/advisories/10739 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2004-01-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:15:01.601Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "blackice-blackdexe-bo(14965)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14965"
              },
              {
                "name": "9514",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9514"
              },
              {
                "name": "3740",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/3740"
              },
              {
                "name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107530966524193\u0026w=2"
              },
              {
                "name": "[ISSForum] 20040128 Third party BlackICE advisory",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/iss/2004-q1/0157.html"
              },
              {
                "name": "10739",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/10739"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-01-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "blackice-blackdexe-bo(14965)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14965"
            },
            {
              "name": "9514",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9514"
            },
            {
              "name": "3740",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/3740"
            },
            {
              "name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107530966524193\u0026w=2"
            },
            {
              "name": "[ISSForum] 20040128 Third party BlackICE advisory",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://archives.neohapsis.com/archives/iss/2004-q1/0157.html"
            },
            {
              "name": "10739",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/10739"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-2125",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "blackice-blackdexe-bo(14965)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14965"
                },
                {
                  "name": "9514",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9514"
                },
                {
                  "name": "3740",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/3740"
                },
                {
                  "name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107530966524193\u0026w=2"
                },
                {
                  "name": "[ISSForum] 20040128 Third party BlackICE advisory",
                  "refsource": "MLIST",
                  "url": "http://archives.neohapsis.com/archives/iss/2004-q1/0157.html"
                },
                {
                  "name": "10739",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/10739"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-2125",
        "datePublished": "2005-05-27T04:00:00.000Z",
        "dateReserved": "2005-05-27T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:15:01.601Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-2126 (GCVE-0-2004-2126)

    Vulnerability from nvd – Published: 2005-05-27 04:00 – Updated: 2024-08-08 01:15
    VLAI
    Summary
    The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users to modify BlackICE configuration or possibly execute arbitrary code by exploiting vulnerabilities in the .INI parsers.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/9513 vdb-entryx_refsource_BID
    http://marc.info/?l=bugtraq&m=107530966524193&w=2 mailing-listx_refsource_BUGTRAQ
    Date Public
    2004-01-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:15:01.652Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "9513",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9513"
              },
              {
                "name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107530966524193\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-01-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users to modify BlackICE configuration or possibly execute arbitrary code by exploiting vulnerabilities in the .INI parsers."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "9513",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9513"
            },
            {
              "name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107530966524193\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-2126",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users to modify BlackICE configuration or possibly execute arbitrary code by exploiting vulnerabilities in the .INI parsers."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "9513",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9513"
                },
                {
                  "name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107530966524193\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-2126",
        "datePublished": "2005-05-27T04:00:00.000Z",
        "dateReserved": "2005-05-27T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:15:01.652Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1714 (GCVE-0-2004-1714)

    Vulnerability from nvd – Published: 2005-02-26 05:00 – Updated: 2024-08-08 01:00
    VLAI
    Summary
    BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.securityfocus.com/bid/10915 vdb-entryx_refsource_BID
    http://marc.info/?l=bugtraq&m=109223751031166&w=2 mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2004-08-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:00:37.257Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20040811 ISS BlackIce Server Protect Unprivileged User Attack",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html"
              },
              {
                "name": "10915",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10915"
              },
              {
                "name": "20040811 BlackICE unprivileged local user attack",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=109223751031166\u0026w=2"
              },
              {
                "name": "blackice-firewall-dos(16959)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16959"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-08-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20040811 ISS BlackIce Server Protect Unprivileged User Attack",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html"
            },
            {
              "name": "10915",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10915"
            },
            {
              "name": "20040811 BlackICE unprivileged local user attack",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=109223751031166\u0026w=2"
            },
            {
              "name": "blackice-firewall-dos(16959)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16959"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1714",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20040811 ISS BlackIce Server Protect Unprivileged User Attack",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html"
                },
                {
                  "name": "10915",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10915"
                },
                {
                  "name": "20040811 BlackICE unprivileged local user attack",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=109223751031166\u0026w=2"
                },
                {
                  "name": "blackice-firewall-dos(16959)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16959"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1714",
        "datePublished": "2005-02-26T05:00:00.000Z",
        "dateReserved": "2005-02-26T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:00:37.257Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0362 (GCVE-0-2004-0362)

    Vulnerability from nvd – Published: 2004-03-23 05:00 – Updated: 2024-08-08 00:17
    VLAI
    Summary
    Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://xforce.iss.net/xforce/alerts/id/166 third-party-advisoryx_refsource_ISS
    http://www.securityfocus.com/bid/9913 vdb-entryx_refsource_BID
    http://secunia.com/advisories/11073 third-party-advisoryx_refsource_SECUNIA
    http://www.ciac.org/ciac/bulletins/o-104.shtml third-party-advisorygovernment-resourcex_refsource_CIAC
    http://www.eeye.com/html/Research/Advisories/AD20… third-party-advisoryx_refsource_EEYE
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/4355 vdb-entryx_refsource_OSVDB
    http://www.kb.cert.org/vuls/id/947254 third-party-advisoryx_refsource_CERT-VN
    http://marc.info/?l=bugtraq&m=107965651712378&w=2 mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2004-03-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:17:14.262Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20040318 Vulnerability in ICQ Parsing in ISS Products",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_ISS",
                  "x_transferred"
                ],
                "url": "http://xforce.iss.net/xforce/alerts/id/166"
              },
              {
                "name": "9913",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9913"
              },
              {
                "name": "11073",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11073"
              },
              {
                "name": "O-104",
                "tags": [
                  "third-party-advisory",
                  "government-resource",
                  "x_refsource_CIAC",
                  "x_transferred"
                ],
                "url": "http://www.ciac.org/ciac/bulletins/o-104.shtml"
              },
              {
                "name": "AD20040318",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_EEYE",
                  "x_transferred"
                ],
                "url": "http://www.eeye.com/html/Research/Advisories/AD20040318.html"
              },
              {
                "name": "pam-icq-parsing-bo(15442)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15442"
              },
              {
                "name": "4355",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/4355"
              },
              {
                "name": "VU#947254",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/947254"
              },
              {
                "name": "20040318 EEYE: Internet Security Systems PAM ICQ Server Response Processing Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107965651712378\u0026w=2"
              },
              {
                "name": "witty-worm-propagation(15543)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15543"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-03-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20040318 Vulnerability in ICQ Parsing in ISS Products",
              "tags": [
                "third-party-advisory",
                "x_refsource_ISS"
              ],
              "url": "http://xforce.iss.net/xforce/alerts/id/166"
            },
            {
              "name": "9913",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9913"
            },
            {
              "name": "11073",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11073"
            },
            {
              "name": "O-104",
              "tags": [
                "third-party-advisory",
                "government-resource",
                "x_refsource_CIAC"
              ],
              "url": "http://www.ciac.org/ciac/bulletins/o-104.shtml"
            },
            {
              "name": "AD20040318",
              "tags": [
                "third-party-advisory",
                "x_refsource_EEYE"
              ],
              "url": "http://www.eeye.com/html/Research/Advisories/AD20040318.html"
            },
            {
              "name": "pam-icq-parsing-bo(15442)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15442"
            },
            {
              "name": "4355",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/4355"
            },
            {
              "name": "VU#947254",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/947254"
            },
            {
              "name": "20040318 EEYE: Internet Security Systems PAM ICQ Server Response Processing Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107965651712378\u0026w=2"
            },
            {
              "name": "witty-worm-propagation(15543)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15543"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0362",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20040318 Vulnerability in ICQ Parsing in ISS Products",
                  "refsource": "ISS",
                  "url": "http://xforce.iss.net/xforce/alerts/id/166"
                },
                {
                  "name": "9913",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9913"
                },
                {
                  "name": "11073",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11073"
                },
                {
                  "name": "O-104",
                  "refsource": "CIAC",
                  "url": "http://www.ciac.org/ciac/bulletins/o-104.shtml"
                },
                {
                  "name": "AD20040318",
                  "refsource": "EEYE",
                  "url": "http://www.eeye.com/html/Research/Advisories/AD20040318.html"
                },
                {
                  "name": "pam-icq-parsing-bo(15442)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15442"
                },
                {
                  "name": "4355",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/4355"
                },
                {
                  "name": "VU#947254",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/947254"
                },
                {
                  "name": "20040318 EEYE: Internet Security Systems PAM ICQ Server Response Processing Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107965651712378\u0026w=2"
                },
                {
                  "name": "witty-worm-propagation(15543)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15543"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0362",
        "datePublished": "2004-03-23T05:00:00.000Z",
        "dateReserved": "2004-03-18T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:17:14.262Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0193 (GCVE-0-2004-0193)

    Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:10
    VLAI
    Summary
    Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.kb.cert.org/vuls/id/150326 third-party-advisoryx_refsource_CERT-VN
    http://xforce.iss.net/xforce/alerts/id/165 third-party-advisoryx_refsource_ISS
    http://www.osvdb.org/4072 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/10988 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=107789851117176&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.eeye.com/html/Research/Upcoming/200402… x_refsource_MISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.eeye.com/html/Research/Advisories/AD20… third-party-advisoryx_refsource_EEYE
    http://www.securityfocus.com/bid/9752 vdb-entryx_refsource_BID
    Date Public
    2004-02-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:10:03.846Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VU#150326",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/150326"
              },
              {
                "name": "20040226 Vulnerability in SMB Parsing in ISS Products",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_ISS",
                  "x_transferred"
                ],
                "url": "http://xforce.iss.net/xforce/alerts/id/165"
              },
              {
                "name": "4072",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/4072"
              },
              {
                "name": "10988",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/10988"
              },
              {
                "name": "20040227 EEYE: RealSecure/BlackICE Server Message Block (SMB) Processing Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107789851117176\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.eeye.com/html/Research/Upcoming/20040213.html"
              },
              {
                "name": "pam-smb-protocol-bo(15207)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15207"
              },
              {
                "name": "AD20040226",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_EEYE",
                  "x_transferred"
                ],
                "url": "http://www.eeye.com/html/Research/Advisories/AD20040226.html"
              },
              {
                "name": "9752",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9752"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-02-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-03-18T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "VU#150326",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/150326"
            },
            {
              "name": "20040226 Vulnerability in SMB Parsing in ISS Products",
              "tags": [
                "third-party-advisory",
                "x_refsource_ISS"
              ],
              "url": "http://xforce.iss.net/xforce/alerts/id/165"
            },
            {
              "name": "4072",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/4072"
            },
            {
              "name": "10988",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/10988"
            },
            {
              "name": "20040227 EEYE: RealSecure/BlackICE Server Message Block (SMB) Processing Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107789851117176\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.eeye.com/html/Research/Upcoming/20040213.html"
            },
            {
              "name": "pam-smb-protocol-bo(15207)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15207"
            },
            {
              "name": "AD20040226",
              "tags": [
                "third-party-advisory",
                "x_refsource_EEYE"
              ],
              "url": "http://www.eeye.com/html/Research/Advisories/AD20040226.html"
            },
            {
              "name": "9752",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9752"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0193",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "VU#150326",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/150326"
                },
                {
                  "name": "20040226 Vulnerability in SMB Parsing in ISS Products",
                  "refsource": "ISS",
                  "url": "http://xforce.iss.net/xforce/alerts/id/165"
                },
                {
                  "name": "4072",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/4072"
                },
                {
                  "name": "10988",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/10988"
                },
                {
                  "name": "20040227 EEYE: RealSecure/BlackICE Server Message Block (SMB) Processing Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107789851117176\u0026w=2"
                },
                {
                  "name": "http://www.eeye.com/html/Research/Upcoming/20040213.html",
                  "refsource": "MISC",
                  "url": "http://www.eeye.com/html/Research/Upcoming/20040213.html"
                },
                {
                  "name": "pam-smb-protocol-bo(15207)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15207"
                },
                {
                  "name": "AD20040226",
                  "refsource": "EEYE",
                  "url": "http://www.eeye.com/html/Research/Advisories/AD20040226.html"
                },
                {
                  "name": "9752",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9752"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0193",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2004-03-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:10:03.846Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-7129 (GCVE-0-2006-7129)

    Vulnerability from cvelistv5 – Published: 2007-03-06 01:00 – Updated: 2024-08-07 20:50
    VLAI
    Summary
    ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://archives.neohapsis.com/archives/fulldisclo… mailing-listx_refsource_FULLDISC
    http://securityreason.com/securityalert/2361 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/20546 vdb-entryx_refsource_BID
    http://www.osvdb.org/30901 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/archive/1/448763/100… mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.matousec.com/info/advisories/BlackICE-… x_refsource_MISC
    Date Public
    2006-10-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:50:06.200Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0298.html"
              },
              {
                "name": "2361",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/2361"
              },
              {
                "name": "20546",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20546"
              },
              {
                "name": "30901",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/30901"
              },
              {
                "name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/448763/100/0/threaded"
              },
              {
                "name": "blackice-filelock-protection-bypass(29575)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29575"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-10-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0298.html"
            },
            {
              "name": "2361",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/2361"
            },
            {
              "name": "20546",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20546"
            },
            {
              "name": "30901",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/30901"
            },
            {
              "name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/448763/100/0/threaded"
            },
            {
              "name": "blackice-filelock-protection-bypass(29575)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29575"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-7129",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0298.html"
                },
                {
                  "name": "2361",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/2361"
                },
                {
                  "name": "20546",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20546"
                },
                {
                  "name": "30901",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/30901"
                },
                {
                  "name": "20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/448763/100/0/threaded"
                },
                {
                  "name": "blackice-filelock-protection-bypass(29575)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29575"
                },
                {
                  "name": "http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-7129",
        "datePublished": "2007-03-06T01:00:00.000Z",
        "dateReserved": "2007-03-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:50:06.200Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4541 (GCVE-0-2006-4541)

    Vulnerability from cvelistv5 – Published: 2006-09-05 23:00 – Updated: 2024-08-07 19:14
    VLAI
    Summary
    RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2006-09-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:14:47.447Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1512",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1512"
              },
              {
                "name": "28332",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/28332"
              },
              {
                "name": "21710",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21710"
              },
              {
                "name": "20060901 ISS BlackICE PC Protection Insufficient validation of arguments of NtOpenSection Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/444958/100/0/threaded"
              },
              {
                "name": "19800",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19800"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
              },
              {
                "name": "ADV-2006-3431",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3431"
              },
              {
                "name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1512",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1512"
            },
            {
              "name": "28332",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/28332"
            },
            {
              "name": "21710",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21710"
            },
            {
              "name": "20060901 ISS BlackICE PC Protection Insufficient validation of arguments of NtOpenSection Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/444958/100/0/threaded"
            },
            {
              "name": "19800",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19800"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
            },
            {
              "name": "ADV-2006-3431",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3431"
            },
            {
              "name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4541",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1512",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1512"
                },
                {
                  "name": "28332",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/28332"
                },
                {
                  "name": "21710",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21710"
                },
                {
                  "name": "20060901 ISS BlackICE PC Protection Insufficient validation of arguments of NtOpenSection Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/444958/100/0/threaded"
                },
                {
                  "name": "19800",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19800"
                },
                {
                  "name": "http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php"
                },
                {
                  "name": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
                },
                {
                  "name": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php",
                  "refsource": "MISC",
                  "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
                },
                {
                  "name": "ADV-2006-3431",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3431"
                },
                {
                  "name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4541",
        "datePublished": "2006-09-05T23:00:00.000Z",
        "dateReserved": "2006-09-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:14:47.447Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3999 (GCVE-0-2006-3999)

    Vulnerability from cvelistv5 – Published: 2006-08-05 01:00 – Updated: 2024-08-07 18:48
    VLAI
    Summary
    ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor the integrity of the pamversion.dll BlackICE library, which allows local users to subvert BlackICE by replacing pamversion.dll. NOTE: in most cases, the attack would not cross privilege boundaries because replacing pamversion.dll requires administrative privileges. However, this issue is a vulnerability because BlackICE is intended to protect against certain rogue privileged actions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1016618 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/archive/1/441829/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/1338 third-party-advisoryx_refsource_SREASON
    Date Public
    2006-08-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:48:39.409Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1016618",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016618"
              },
              {
                "name": "20060801 ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/441829/100/0/threaded"
              },
              {
                "name": "1338",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1338"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-08-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor the integrity of the pamversion.dll BlackICE library, which allows local users to subvert BlackICE by replacing pamversion.dll.  NOTE: in most cases, the attack would not cross privilege boundaries because replacing pamversion.dll requires administrative privileges. However, this issue is a vulnerability because BlackICE is intended to protect against certain rogue privileged actions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1016618",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016618"
            },
            {
              "name": "20060801 ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/441829/100/0/threaded"
            },
            {
              "name": "1338",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1338"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-3999",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor the integrity of the pamversion.dll BlackICE library, which allows local users to subvert BlackICE by replacing pamversion.dll.  NOTE: in most cases, the attack would not cross privilege boundaries because replacing pamversion.dll requires administrative privileges. However, this issue is a vulnerability because BlackICE is intended to protect against certain rogue privileged actions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1016618",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016618"
                },
                {
                  "name": "20060801 ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/441829/100/0/threaded"
                },
                {
                  "name": "1338",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1338"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-3999",
        "datePublished": "2006-08-05T01:00:00.000Z",
        "dateReserved": "2006-08-04T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:48:39.409Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3840 (GCVE-0-2006-3840)

    Vulnerability from cvelistv5 – Published: 2006-07-27 10:00 – Updated: 2024-08-07 18:48
    VLAI
    Summary
    The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://iss.custhelp.com/cgi-bin/iss.cfg/php/endu… x_refsource_CONFIRM
    http://www.securityfocus.com/archive/1/441278/100… mailing-listx_refsource_BUGTRAQ
    http://www.nsfocus.com/english/homepage/research/… x_refsource_MISC
    http://secunia.com/advisories/21219 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/2996 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1016592 vdb-entryx_refsource_SECTRACK
    http://xforce.iss.net/xforce/alerts/id/230 third-party-advisoryx_refsource_ISS
    http://www.securityfocus.com/bid/19178 vdb-entryx_refsource_BID
    http://securitytracker.com/id?1016590 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://securitytracker.com/id?1016591 vdb-entryx_refsource_SECTRACK
    Date Public
    2006-07-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:48:39.136Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
              },
              {
                "name": "20060727 NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
              },
              {
                "name": "21219",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21219"
              },
              {
                "name": "ADV-2006-2996",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2996"
              },
              {
                "name": "1016592",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016592"
              },
              {
                "name": "20060726 Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_ISS",
                  "x_transferred"
                ],
                "url": "http://xforce.iss.net/xforce/alerts/id/230"
              },
              {
                "name": "19178",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19178"
              },
              {
                "name": "1016590",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016590"
              },
              {
                "name": "pam-smb-mailslot-dos(27965)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
              },
              {
                "name": "1016591",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016591"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-07-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
            },
            {
              "name": "20060727 NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
            },
            {
              "name": "21219",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21219"
            },
            {
              "name": "ADV-2006-2996",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2996"
            },
            {
              "name": "1016592",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016592"
            },
            {
              "name": "20060726 Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products",
              "tags": [
                "third-party-advisory",
                "x_refsource_ISS"
              ],
              "url": "http://xforce.iss.net/xforce/alerts/id/230"
            },
            {
              "name": "19178",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19178"
            },
            {
              "name": "1016590",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016590"
            },
            {
              "name": "pam-smb-mailslot-dos(27965)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
            },
            {
              "name": "1016591",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016591"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-3840",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630",
                  "refsource": "CONFIRM",
                  "url": "https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630"
                },
                {
                  "name": "20060727 NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/441278/100/0/threaded"
                },
                {
                  "name": "http://www.nsfocus.com/english/homepage/research/0607.htm",
                  "refsource": "MISC",
                  "url": "http://www.nsfocus.com/english/homepage/research/0607.htm"
                },
                {
                  "name": "21219",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21219"
                },
                {
                  "name": "ADV-2006-2996",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2996"
                },
                {
                  "name": "1016592",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016592"
                },
                {
                  "name": "20060726 Protocol Parsing Bug in SMB Mailslot Parsing in ISS Products",
                  "refsource": "ISS",
                  "url": "http://xforce.iss.net/xforce/alerts/id/230"
                },
                {
                  "name": "19178",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19178"
                },
                {
                  "name": "1016590",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016590"
                },
                {
                  "name": "pam-smb-mailslot-dos(27965)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27965"
                },
                {
                  "name": "1016591",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016591"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-3840",
        "datePublished": "2006-07-27T10:00:00.000Z",
        "dateReserved": "2006-07-25T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:48:39.136Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-2711 (GCVE-0-2005-2711)

    Vulnerability from cvelistv5 – Published: 2006-03-24 02:00 – Updated: 2024-08-07 22:45
    VLAI
    Summary
    ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the "More Info" button in the "Application Protection" dialog, which allows local users to execute arbitrary programs as SYSTEM.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/17218 vdb-entryx_refsource_BID
    http://securitytracker.com/id?1015820 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/24096 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2006/1090 vdb-entryx_refsource_VUPEN
    http://www.idefense.com/intelligence/vulnerabilit… third-party-advisoryx_refsource_IDEFENSE
    http://securitytracker.com/id?1015821 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/19327 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-03-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T22:45:02.167Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "17218",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17218"
              },
              {
                "name": "1015820",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015820"
              },
              {
                "name": "blackice-appprotection-privilege-escalation(25423)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25423"
              },
              {
                "name": "24096",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24096"
              },
              {
                "name": "ADV-2006-1090",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1090"
              },
              {
                "name": "20060323 ISS Multiple Products Local Privilege Escalation Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=403"
              },
              {
                "name": "1015821",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015821"
              },
              {
                "name": "19327",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19327"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the \"More Info\" button in the \"Application Protection\" dialog, which allows local users to execute arbitrary programs as SYSTEM."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "17218",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17218"
            },
            {
              "name": "1015820",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015820"
            },
            {
              "name": "blackice-appprotection-privilege-escalation(25423)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25423"
            },
            {
              "name": "24096",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24096"
            },
            {
              "name": "ADV-2006-1090",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1090"
            },
            {
              "name": "20060323 ISS Multiple Products Local Privilege Escalation Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=403"
            },
            {
              "name": "1015821",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015821"
            },
            {
              "name": "19327",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19327"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-2711",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the \"More Info\" button in the \"Application Protection\" dialog, which allows local users to execute arbitrary programs as SYSTEM."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "17218",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17218"
                },
                {
                  "name": "1015820",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015820"
                },
                {
                  "name": "blackice-appprotection-privilege-escalation(25423)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25423"
                },
                {
                  "name": "24096",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24096"
                },
                {
                  "name": "ADV-2006-1090",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1090"
                },
                {
                  "name": "20060323 ISS Multiple Products Local Privilege Escalation Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=403"
                },
                {
                  "name": "1015821",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015821"
                },
                {
                  "name": "19327",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19327"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-2711",
        "datePublished": "2006-03-24T02:00:00.000Z",
        "dateReserved": "2005-08-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T22:45:02.167Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-2125 (GCVE-0-2004-2125)

    Vulnerability from cvelistv5 – Published: 2005-05-27 04:00 – Updated: 2024-08-08 01:15
    VLAI
    Summary
    Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/9514 vdb-entryx_refsource_BID
    http://www.osvdb.org/3740 vdb-entryx_refsource_OSVDB
    http://marc.info/?l=bugtraq&m=107530966524193&w=2 mailing-listx_refsource_BUGTRAQ
    http://archives.neohapsis.com/archives/iss/2004-q… mailing-listx_refsource_MLIST
    http://secunia.com/advisories/10739 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2004-01-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:15:01.601Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "blackice-blackdexe-bo(14965)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14965"
              },
              {
                "name": "9514",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9514"
              },
              {
                "name": "3740",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/3740"
              },
              {
                "name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107530966524193\u0026w=2"
              },
              {
                "name": "[ISSForum] 20040128 Third party BlackICE advisory",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/iss/2004-q1/0157.html"
              },
              {
                "name": "10739",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/10739"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-01-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "blackice-blackdexe-bo(14965)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14965"
            },
            {
              "name": "9514",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9514"
            },
            {
              "name": "3740",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/3740"
            },
            {
              "name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107530966524193\u0026w=2"
            },
            {
              "name": "[ISSForum] 20040128 Third party BlackICE advisory",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://archives.neohapsis.com/archives/iss/2004-q1/0157.html"
            },
            {
              "name": "10739",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/10739"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-2125",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "blackice-blackdexe-bo(14965)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14965"
                },
                {
                  "name": "9514",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9514"
                },
                {
                  "name": "3740",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/3740"
                },
                {
                  "name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107530966524193\u0026w=2"
                },
                {
                  "name": "[ISSForum] 20040128 Third party BlackICE advisory",
                  "refsource": "MLIST",
                  "url": "http://archives.neohapsis.com/archives/iss/2004-q1/0157.html"
                },
                {
                  "name": "10739",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/10739"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-2125",
        "datePublished": "2005-05-27T04:00:00.000Z",
        "dateReserved": "2005-05-27T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:15:01.601Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-2126 (GCVE-0-2004-2126)

    Vulnerability from cvelistv5 – Published: 2005-05-27 04:00 – Updated: 2024-08-08 01:15
    VLAI
    Summary
    The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users to modify BlackICE configuration or possibly execute arbitrary code by exploiting vulnerabilities in the .INI parsers.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/9513 vdb-entryx_refsource_BID
    http://marc.info/?l=bugtraq&m=107530966524193&w=2 mailing-listx_refsource_BUGTRAQ
    Date Public
    2004-01-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:15:01.652Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "9513",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9513"
              },
              {
                "name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107530966524193\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-01-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users to modify BlackICE configuration or possibly execute arbitrary code by exploiting vulnerabilities in the .INI parsers."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "9513",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9513"
            },
            {
              "name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107530966524193\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-2126",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users to modify BlackICE configuration or possibly execute arbitrary code by exploiting vulnerabilities in the .INI parsers."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "9513",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9513"
                },
                {
                  "name": "20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107530966524193\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-2126",
        "datePublished": "2005-05-27T04:00:00.000Z",
        "dateReserved": "2005-05-27T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:15:01.652Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1714 (GCVE-0-2004-1714)

    Vulnerability from cvelistv5 – Published: 2005-02-26 05:00 – Updated: 2024-08-08 01:00
    VLAI
    Summary
    BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.securityfocus.com/bid/10915 vdb-entryx_refsource_BID
    http://marc.info/?l=bugtraq&m=109223751031166&w=2 mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2004-08-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:00:37.257Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20040811 ISS BlackIce Server Protect Unprivileged User Attack",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html"
              },
              {
                "name": "10915",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10915"
              },
              {
                "name": "20040811 BlackICE unprivileged local user attack",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=109223751031166\u0026w=2"
              },
              {
                "name": "blackice-firewall-dos(16959)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16959"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-08-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20040811 ISS BlackIce Server Protect Unprivileged User Attack",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html"
            },
            {
              "name": "10915",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10915"
            },
            {
              "name": "20040811 BlackICE unprivileged local user attack",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=109223751031166\u0026w=2"
            },
            {
              "name": "blackice-firewall-dos(16959)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16959"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1714",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20040811 ISS BlackIce Server Protect Unprivileged User Attack",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html"
                },
                {
                  "name": "10915",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10915"
                },
                {
                  "name": "20040811 BlackICE unprivileged local user attack",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=109223751031166\u0026w=2"
                },
                {
                  "name": "blackice-firewall-dos(16959)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16959"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1714",
        "datePublished": "2005-02-26T05:00:00.000Z",
        "dateReserved": "2005-02-26T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:00:37.257Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0193 (GCVE-0-2004-0193)

    Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:10
    VLAI
    Summary
    Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.kb.cert.org/vuls/id/150326 third-party-advisoryx_refsource_CERT-VN
    http://xforce.iss.net/xforce/alerts/id/165 third-party-advisoryx_refsource_ISS
    http://www.osvdb.org/4072 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/10988 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=107789851117176&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.eeye.com/html/Research/Upcoming/200402… x_refsource_MISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.eeye.com/html/Research/Advisories/AD20… third-party-advisoryx_refsource_EEYE
    http://www.securityfocus.com/bid/9752 vdb-entryx_refsource_BID
    Date Public
    2004-02-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:10:03.846Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VU#150326",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/150326"
              },
              {
                "name": "20040226 Vulnerability in SMB Parsing in ISS Products",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_ISS",
                  "x_transferred"
                ],
                "url": "http://xforce.iss.net/xforce/alerts/id/165"
              },
              {
                "name": "4072",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/4072"
              },
              {
                "name": "10988",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/10988"
              },
              {
                "name": "20040227 EEYE: RealSecure/BlackICE Server Message Block (SMB) Processing Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107789851117176\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.eeye.com/html/Research/Upcoming/20040213.html"
              },
              {
                "name": "pam-smb-protocol-bo(15207)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15207"
              },
              {
                "name": "AD20040226",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_EEYE",
                  "x_transferred"
                ],
                "url": "http://www.eeye.com/html/Research/Advisories/AD20040226.html"
              },
              {
                "name": "9752",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9752"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-02-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-03-18T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "VU#150326",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/150326"
            },
            {
              "name": "20040226 Vulnerability in SMB Parsing in ISS Products",
              "tags": [
                "third-party-advisory",
                "x_refsource_ISS"
              ],
              "url": "http://xforce.iss.net/xforce/alerts/id/165"
            },
            {
              "name": "4072",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/4072"
            },
            {
              "name": "10988",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/10988"
            },
            {
              "name": "20040227 EEYE: RealSecure/BlackICE Server Message Block (SMB) Processing Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107789851117176\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.eeye.com/html/Research/Upcoming/20040213.html"
            },
            {
              "name": "pam-smb-protocol-bo(15207)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15207"
            },
            {
              "name": "AD20040226",
              "tags": [
                "third-party-advisory",
                "x_refsource_EEYE"
              ],
              "url": "http://www.eeye.com/html/Research/Advisories/AD20040226.html"
            },
            {
              "name": "9752",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9752"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0193",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "VU#150326",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/150326"
                },
                {
                  "name": "20040226 Vulnerability in SMB Parsing in ISS Products",
                  "refsource": "ISS",
                  "url": "http://xforce.iss.net/xforce/alerts/id/165"
                },
                {
                  "name": "4072",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/4072"
                },
                {
                  "name": "10988",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/10988"
                },
                {
                  "name": "20040227 EEYE: RealSecure/BlackICE Server Message Block (SMB) Processing Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107789851117176\u0026w=2"
                },
                {
                  "name": "http://www.eeye.com/html/Research/Upcoming/20040213.html",
                  "refsource": "MISC",
                  "url": "http://www.eeye.com/html/Research/Upcoming/20040213.html"
                },
                {
                  "name": "pam-smb-protocol-bo(15207)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15207"
                },
                {
                  "name": "AD20040226",
                  "refsource": "EEYE",
                  "url": "http://www.eeye.com/html/Research/Advisories/AD20040226.html"
                },
                {
                  "name": "9752",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9752"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0193",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2004-03-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:10:03.846Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0362 (GCVE-0-2004-0362)

    Vulnerability from cvelistv5 – Published: 2004-03-23 05:00 – Updated: 2024-08-08 00:17
    VLAI
    Summary
    Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://xforce.iss.net/xforce/alerts/id/166 third-party-advisoryx_refsource_ISS
    http://www.securityfocus.com/bid/9913 vdb-entryx_refsource_BID
    http://secunia.com/advisories/11073 third-party-advisoryx_refsource_SECUNIA
    http://www.ciac.org/ciac/bulletins/o-104.shtml third-party-advisorygovernment-resourcex_refsource_CIAC
    http://www.eeye.com/html/Research/Advisories/AD20… third-party-advisoryx_refsource_EEYE
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/4355 vdb-entryx_refsource_OSVDB
    http://www.kb.cert.org/vuls/id/947254 third-party-advisoryx_refsource_CERT-VN
    http://marc.info/?l=bugtraq&m=107965651712378&w=2 mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2004-03-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:17:14.262Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20040318 Vulnerability in ICQ Parsing in ISS Products",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_ISS",
                  "x_transferred"
                ],
                "url": "http://xforce.iss.net/xforce/alerts/id/166"
              },
              {
                "name": "9913",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9913"
              },
              {
                "name": "11073",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11073"
              },
              {
                "name": "O-104",
                "tags": [
                  "third-party-advisory",
                  "government-resource",
                  "x_refsource_CIAC",
                  "x_transferred"
                ],
                "url": "http://www.ciac.org/ciac/bulletins/o-104.shtml"
              },
              {
                "name": "AD20040318",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_EEYE",
                  "x_transferred"
                ],
                "url": "http://www.eeye.com/html/Research/Advisories/AD20040318.html"
              },
              {
                "name": "pam-icq-parsing-bo(15442)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15442"
              },
              {
                "name": "4355",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/4355"
              },
              {
                "name": "VU#947254",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/947254"
              },
              {
                "name": "20040318 EEYE: Internet Security Systems PAM ICQ Server Response Processing Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107965651712378\u0026w=2"
              },
              {
                "name": "witty-worm-propagation(15543)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15543"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-03-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20040318 Vulnerability in ICQ Parsing in ISS Products",
              "tags": [
                "third-party-advisory",
                "x_refsource_ISS"
              ],
              "url": "http://xforce.iss.net/xforce/alerts/id/166"
            },
            {
              "name": "9913",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9913"
            },
            {
              "name": "11073",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11073"
            },
            {
              "name": "O-104",
              "tags": [
                "third-party-advisory",
                "government-resource",
                "x_refsource_CIAC"
              ],
              "url": "http://www.ciac.org/ciac/bulletins/o-104.shtml"
            },
            {
              "name": "AD20040318",
              "tags": [
                "third-party-advisory",
                "x_refsource_EEYE"
              ],
              "url": "http://www.eeye.com/html/Research/Advisories/AD20040318.html"
            },
            {
              "name": "pam-icq-parsing-bo(15442)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15442"
            },
            {
              "name": "4355",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/4355"
            },
            {
              "name": "VU#947254",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/947254"
            },
            {
              "name": "20040318 EEYE: Internet Security Systems PAM ICQ Server Response Processing Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107965651712378\u0026w=2"
            },
            {
              "name": "witty-worm-propagation(15543)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15543"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0362",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20040318 Vulnerability in ICQ Parsing in ISS Products",
                  "refsource": "ISS",
                  "url": "http://xforce.iss.net/xforce/alerts/id/166"
                },
                {
                  "name": "9913",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9913"
                },
                {
                  "name": "11073",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11073"
                },
                {
                  "name": "O-104",
                  "refsource": "CIAC",
                  "url": "http://www.ciac.org/ciac/bulletins/o-104.shtml"
                },
                {
                  "name": "AD20040318",
                  "refsource": "EEYE",
                  "url": "http://www.eeye.com/html/Research/Advisories/AD20040318.html"
                },
                {
                  "name": "pam-icq-parsing-bo(15442)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15442"
                },
                {
                  "name": "4355",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/4355"
                },
                {
                  "name": "VU#947254",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/947254"
                },
                {
                  "name": "20040318 EEYE: Internet Security Systems PAM ICQ Server Response Processing Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107965651712378\u0026w=2"
                },
                {
                  "name": "witty-worm-propagation(15543)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15543"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0362",
        "datePublished": "2004-03-23T05:00:00.000Z",
        "dateReserved": "2004-03-18T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:17:14.262Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }