Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2004-1714
HistoryAug 11, 2004 - 4:00 a.m.

CVE-2004-1714

2004-08-1104:00:00
CWE-732
[email protected]
web.nvd.nist.gov
3

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

AI Score

6.7

Confidence

High

EPSS

0

Percentile

9.7%

JSON

BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule.

Affected configurations

Nvd
Node
issblackice_pc_protectionMatch3.6cbd
OR
issblackice_pc_protectionMatch3.6cbr
OR
issblackice_pc_protectionMatch3.6cbz
OR
issblackice_pc_protectionMatch3.6cca
OR
issblackice_pc_protectionMatch3.6ccb
OR
issblackice_pc_protectionMatch3.6ccc
OR
issblackice_pc_protectionMatch3.6ccd
OR
issblackice_pc_protectionMatch3.6cce
OR
issblackice_pc_protectionMatch3.6ccf
OR
issblackice_pc_protectionMatch3.6ccg
OR
issblackice_server_protectionMatch3.5cdf
OR
issblackice_server_protectionMatch3.6cbz
OR
issblackice_server_protectionMatch3.6cca
OR
issblackice_server_protectionMatch3.6ccb
OR
issblackice_server_protectionMatch3.6ccc
OR
issblackice_server_protectionMatch3.6ccd
OR
issblackice_server_protectionMatch3.6cce
OR
issblackice_server_protectionMatch3.6ccf
OR
issblackice_server_protectionMatch3.6ccg
OR
issblackice_server_protectionMatch3.6cch
OR
issblackice_server_protectionMatch3.6cno
VendorProductVersionCPE
issblackice_pc_protection3.6cbdcpe:2.3:a:iss:blackice_pc_protection:3.6cbd:*:*:*:*:*:*:*
issblackice_pc_protection3.6cbrcpe:2.3:a:iss:blackice_pc_protection:3.6cbr:*:*:*:*:*:*:*
issblackice_pc_protection3.6cbzcpe:2.3:a:iss:blackice_pc_protection:3.6cbz:*:*:*:*:*:*:*
issblackice_pc_protection3.6ccacpe:2.3:a:iss:blackice_pc_protection:3.6cca:*:*:*:*:*:*:*
issblackice_pc_protection3.6ccbcpe:2.3:a:iss:blackice_pc_protection:3.6ccb:*:*:*:*:*:*:*
issblackice_pc_protection3.6ccccpe:2.3:a:iss:blackice_pc_protection:3.6ccc:*:*:*:*:*:*:*
issblackice_pc_protection3.6ccdcpe:2.3:a:iss:blackice_pc_protection:3.6ccd:*:*:*:*:*:*:*
issblackice_pc_protection3.6ccecpe:2.3:a:iss:blackice_pc_protection:3.6cce:*:*:*:*:*:*:*
issblackice_pc_protection3.6ccfcpe:2.3:a:iss:blackice_pc_protection:3.6ccf:*:*:*:*:*:*:*
issblackice_pc_protection3.6ccgcpe:2.3:a:iss:blackice_pc_protection:3.6ccg:*:*:*:*:*:*:*
Rows per page:
1-10 of 211

Related

cve 1
cvelist 1
exploitdb 1
nessus 1
cve
cve
CVE-2004-1714
2005-02-26 05:00:00
cvelist
cvelist
CVE-2004-1714
2005-02-26 05:00:00
exploitdb
exploitdb
Internet Security Systems BlackICE PC Protection 3.6 - Firewall.INI Local Buffer Overrun
2004-08-11 00:00:00
nessus
nessus
ISS BlackICE/PC Protection Unprivileged User Local DoS
2004-08-13 00:00:00

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

AI Score

6.7

Confidence

High

EPSS

0

Percentile

9.7%

JSON
Related for NVD:CVE-2004-1714
cve1cvelist1exploitdb1nessus1