Internet Security Systems BlackICE Server Protection 3.6cpk

CPE Details

Internet Security Systems BlackICE Server Protection 3.6cpk
iss
blackice_server_protection
3.6cpk
2007-08-23
19h16 +00:00
2008-03-25
18h15 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:iss:blackice_server_protection:3.6cpk:*:*:*:*:*:*:*

Informations

Vendor

iss

Product

blackice_server_protection

Version

3.6cpk

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2006-3840 2006-07-27 08h00 +00:00 The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode.
5
CVE-2005-2711 2006-03-24 01h00 +00:00 ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the "More Info" button in the "Application Protection" dialog, which allows local users to execute arbitrary programs as SYSTEM.
7.2
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.