CVE-2004-2125

Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value.

Published: Dec 31, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-2125
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
iss / realsecure_desktop	7.0ebg	7.0ebg.x
iss / blackice_pc_protection	3.6cbd	3.6cbd.x
iss / blackice_agent_server	3.6eca	3.6eca.x
iss / blackice_server_protection	3.6cbz	3.6cbz.x
iss / realsecure_desktop	3.6eca	3.6eca.x

http://archives.neohapsis.com/archives/iss/2004-q1/0157.html
http://marc.info/?l=bugtraq&m=107530966524193&w=2
http://secunia.com/advisories/10739
http://www.osvdb.org/3740
http://www.securityfocus.com/bid/9514
https://exchange.xforce.ibmcloud.com/vulnerabilities/14965

Vulnerability Database

289,782

CVE-2004-2125