CVE-2004-2126
First published: Fri Dec 31 2004(Updated: )
The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users to modify BlackICE configuration or possibly execute arbitrary code by exploiting vulnerabilities in the .INI parsers.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ISS BlackICE PC Protection | <=3.6cbz |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- vendor/iss
- product/blackice pc protection
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- canonical/iss blackice pc protection
- version/iss blackice pc protection/3.6cbz