Name of the Vulnerable Software and Affected Versions:

ISS BlackICE PC Protection (affected versions not specified)

Description:

A critical vulnerability was found in the Cross Site Scripting Detection component of ISS BlackICE PC Protection. The issue allows for privilege escalation through manipulation of POST/PUT/DELETE/OPTIONS Request. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.