PT-2004-3021 · Network Ice · Blackice Pc Protection

Published

2004-12-31

Updated

2017-07-11

CVE-2004-2125

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions BlackICE PC Protection versions prior to 3.6.ccb

Description A buffer overflow issue exists in the blackd.exe component, allowing local users to gain system privileges. This can be achieved by modifying the .INI file to include a long packetLog.fileprefix value when application protection is off.

Recommendations For BlackICE PC Protection versions prior to 3.6.ccb, update to version 3.6.ccb or later to resolve the issue. As a temporary workaround, consider restricting modifications to the .INI file to prevent exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-2125

Affected Products

Blackice Pc Protection

PT-2004-3021 · Network Ice · Blackice Pc Protection

CVE-2004-2125

Related Identifiers

Affected Products

References · 7