CVE-2004-1714

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions BlackICE PC Protection and Server Protection (affected versions not specified)

Description The issue allows local users to cause a denial of service or modify configuration due to the installation of certain files with Everyone Full Control permissions. Specifically, files such as firewall.ini, blackice.ini, sigs.ini, and protect.ini are installed with these permissions. This can be exploited by modifying the firewall.ini file to contain a large firewall rule, demonstrating the potential for a denial of service or configuration modification.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2004-1714

Affected Products

Blackice Pc Protection

Blackice Server Protection

CVE-2004-1714

Weakness Enumeration

Related Identifiers

Affected Products

References · 7