Internet Security Systems BlackICE PC Protection 3.6cpj

CPE Details

Internet Security Systems BlackICE PC Protection 3.6cpj
iss
blackice_pc_protection
3.6cpj
2007-08-23
19h16 +00:00
2008-03-25
18h15 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:iss:blackice_pc_protection:3.6cpj:*:*:*:*:*:*:*

Informations

Vendor

iss

Product

blackice_pc_protection

Version

3.6cpj

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2006-7129 2007-03-06 00h00 +00:00 ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files.
2.1
CVE-2006-4541 2006-09-05 21h00 +00:00 RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected.
4.6
CVE-2006-3999 2006-08-04 23h00 +00:00 ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor the integrity of the pamversion.dll BlackICE library, which allows local users to subvert BlackICE by replacing pamversion.dll. NOTE: in most cases, the attack would not cross privilege boundaries because replacing pamversion.dll requires administrative privileges. However, this issue is a vulnerability because BlackICE is intended to protect against certain rogue privileged actions.
4.6
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.