CVE-2004-2125

Summary

CVE	CVE-2004-2125
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2004-12-31 05:00:00 UTC
Updated	2017-07-11 01:31:00 UTC
Description	Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Iss	Blackice Agent Server	3.6eca	All	All	All
Application	Iss	Blackice Agent Server	3.6eca	All	All	All
Application	Iss	Blackice Pc Protection	3.6cbd	All	All	All
Application	Iss	Blackice Pc Protection	3.6cbd	All	All	All
Application	Iss	Blackice Server Protection	3.6cbz	All	All	All
Application	Iss	Blackice Server Protection	3.6cbz	All	All	All
Application	Iss	Realsecure Desktop	3.6eca	All	All	All
Application	Iss	Realsecure Desktop	7.0ebg	All	All	All
Application	Iss	Realsecure Desktop	3.6eca	All	All	All
Application	Iss	Realsecure Desktop	7.0ebg	All	All	All

References

Reference	Source	Link	Tags
20040128 SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM	BUGTRAQ	marc.info
Internet Security Systems BlackICE PC Protection blackd.exe Local Buffer Overrun Vulnerability	BID	www.securityfocus.com
3740	OSVDB	www.osvdb.org
Neohapsis Archives - ISS Discuss - #0157 - [ISSForum] Third party BlackICE advisory	MLIST	archives.neohapsis.com
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
Secunia - Advisories - BlackICE PC Protection Privilege Escalation Vulnerability	SECUNIA	secunia.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.