Lucene search

MitreCVE-2006-7129

HistoryMar 06, 2007 - 1:19 a.m.

CVE-2006-7129

2007-03-0601:19:00

mitre

web.nvd.nist.gov

iss blackice

pc protection

security

vulnerability

bypass

local users

zwdeletefile api

nvd

cve-2006-7129

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.5

Confidence

Low

EPSS

Percentile

0.4%

JSON

ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files.

Affected configurations

Nvd

Node

issblackice_pc_protectionMatch3.6cpj

issblackice_pc_protectionMatch3.6cpu

VendorProductVersionCPE
issblackice_pc_protection3.6cpjcpe:2.3:a:iss:blackice_pc_protection:3.6cpj:*:*:*:*:*:*:*
issblackice_pc_protection3.6cpucpe:2.3:a:iss:blackice_pc_protection:3.6cpu:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
iss	blackice_pc_protection	3.6cpj	cpe:2.3:a:iss:blackice_pc_protection:3.6cpj:::::::*
iss	blackice_pc_protection	3.6cpu	cpe:2.3:a:iss:blackice_pc_protection:3.6cpu:::::::*

References

archives.neohapsis.com/archives/fulldisclosure/2006-10/0298.html

securityreason.com/securityalert/2361

www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php

www.osvdb.org/30901

www.securityfocus.com/archive/1/448763/100/0/threaded

www.securityfocus.com/bid/20546

exchange.xforce.ibmcloud.com/vulnerabilities/29575

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.5

Confidence

Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2006-7129