CVE-2006-3999

Name of the Vulnerable Software and Affected Versions ISS BlackICE PC Protection versions 3.6.cpj, 3.6.cpiE, and possibly earlier versions

Description The issue concerns the improper monitoring of the integrity of the pamversion.dll BlackICE library, allowing local users to subvert BlackICE by replacing pamversion.dll. This is considered a vulnerability because BlackICE is intended to protect against certain rogue privileged actions. Note that replacing pamversion.dll requires administrative privileges, which means the attack would not typically cross privilege boundaries.

Recommendations For ISS BlackICE PC Protection versions 3.6.cpj, 3.6.cpiE, and possibly earlier versions, consider implementing additional integrity checks on the pamversion.dll library to prevent unauthorized replacement. At the moment, there is no information about a newer version that contains a fix for this vulnerability.