CVE-2005-2711
First published: Sat Dec 31 2005(Updated: )
ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the "More Info" button in the "Application Protection" dialog, which allows local users to execute arbitrary programs as SYSTEM.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Iss Realsecure Desktop | =3.6 | |
| ISS BlackICE PC Protection | =3.6 | |
| Iss Blackice Agent Server | ||
| Iss Realsecure Desktop | =7.0 | |
| Iss Blackice Server Protection | ||
| ISS BlackICE PC Protection | =3.6cpu |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=403
- http://www.securityfocus.com/bid/17218
- http://www.osvdb.org/24096
- http://securitytracker.com/id?1015820
- http://securitytracker.com/id?1015821
- http://secunia.com/advisories/19327
- http://www.vupen.com/english/advisories/2006/1090
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25423
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/iss
- canonical/iss realsecure desktop
- version/iss realsecure desktop/3.6
- canonical/iss blackice pc protection
- version/iss blackice pc protection/3.6
- canonical/iss blackice agent server
- version/iss realsecure desktop/7.0
- canonical/iss blackice server protection
- version/iss blackice pc protection/3.6cpu