Follow @discotekdotca
CVE-2006-7129
Current Description
ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files.
Basic Data
| Published | March 06, 2007 |
|---|---|
| Last Modified | October 16, 2018 |
| Assigner | cve@mitre.org |
| Data Type | CVE |
| Data Format | MITRE |
| Data Version | 4.0 |
| Problem Type | NVD-CWE-Other |
| CVE Data Version | 4.0 |
Base Metric V2
| CVSS 2 - Version | 2.0 |
|---|---|
| CVSS 2 - Vector String | AV:L/AC:L/Au:N/C:N/I:P/A:N |
| CVSS 2 - Access Vector | LOCAL |
| CVSS 2 - Access Complexity | LOW |
| CVSS 2 - Authentication | NONE |
| CVSS 2 - Confidentiality Impact | NONE |
| CVSS 2 - Availability Impact | NONE |
| CVSS 2 - Base Score | 2.1 |
| Severity | LOW |
| Exploitability Score | 3.9 |
| Impact Score | 2.9 |
| Obtain All Privilege | false |
| Obtain User Privilege | false |
| Obtain Other Privilege | false |
Base Metric V3
No data provided.
Configurations
-
OR - Configuration 1
Cpe Version Part Vendor Product Version Update Edition Language SW Edition Target SW Target HW Other Version Start Including Version End Including Version Start Excluding Version End Excluding 2.3 Application Iss Blackice Pc Protection 3.6cpj * * * * * * * � � � � 2.3 Application Iss Blackice Pc Protection 3.6cpu * * * * * * * � � � �
Vulnerable Software List
| Vendor | Product | Versions |
|---|---|---|
| Iss | Blackice Pc Protection | 3.6cpj, 3.6cpu |
References
| Name | Source | URL | Tags |
|---|---|---|---|
| 20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability | http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0298.html | FULLDISC | |
| 2361 | http://securityreason.com/securityalert/2361 | SREASON | |
| http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php | http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php | MISC | |
| 30901 | http://www.osvdb.org/30901 | OSVDB | |
| 20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability | http://www.securityfocus.com/archive/1/448763/100/0/threaded | BUGTRAQ | |
| 20546 | http://www.securityfocus.com/bid/20546 | BID | |
| blackice-filelock-protection-bypass(29575) | https://exchange.xforce.ibmcloud.com/vulnerabilities/29575 | XF |