Vulnerability Details : CVE-2004-2125
Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value.
Vulnerability category: Overflow
Products affected by CVE-2004-2125
- cpe:2.3:a:iss:blackice_server_protection:3.6cbz:*:*:*:*:*:*:*
- cpe:2.3:a:iss:blackice_agent_server:3.6eca:*:*:*:*:*:*:*
- cpe:2.3:a:iss:blackice_pc_protection:3.6cbd:*:*:*:*:*:*:*
- cpe:2.3:a:iss:realsecure_desktop:3.6eca:*:*:*:*:*:*:*
- cpe:2.3:a:iss:realsecure_desktop:7.0ebg:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2004-2125
0.12%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 28 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2004-2125
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST |
References for CVE-2004-2125
-
http://www.securityfocus.com/bid/9514
-
http://archives.neohapsis.com/archives/iss/2004-q1/0157.html
-
http://www.osvdb.org/3740
www.osvdb.org | 521: Web server is down
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/14965
BlackICE multiple products blackd.exe script buffer overflow CVE-2004-2126 Vulnerability Report
-
http://secunia.com/advisories/10739
About Secunia Research | Flexera
-
http://marc.info/?l=bugtraq&m=107530966524193&w=2
Jump to