NVD Vulnerability Detail

CVE-2004-1714

Summary	BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule.
Publication Date	Aug. 11, 2004, 1 p.m.
Registration Date	Jan. 29, 2021, 6:01 p.m.
Last Update	Jan. 27, 2024, 2:21 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:iss:blackice_server_protection:3.6ccg:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6ccf:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6ccb:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6cbz:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6cce:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6cbr:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6cca:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.6cch:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.6ccb:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.6cno:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6ccd:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.5cdf:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.6cce:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6ccc:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.6ccd:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6cbd:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.6cca:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6ccg:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.6ccc:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.6cbz:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.6ccf:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html	FULLDISC	Not Applicable
2	http://www.securityfocus.com/bid/10915	BID	Broken Link Exploit Third Party Advisory VDB Entry Vendor Advisory
3	http://marc.info/?l=bugtraq&m=109223751031166&w=2	BUGTRAQ	Mailing List
4	https://exchange.xforce.ibmcloud.com/vulnerabilities/16959	XF	Third Party Advisory VDB Entry

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-732	重要なリソースに対する不適切なパーミッションの割り当て	https://cwe.mitre.org/data/definitions/732.html

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:iss:blackice_server_protection:3.6ccg:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6ccf:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6ccb:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6cbz:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6cce:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6cbr:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6cca:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.6cch:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.6ccb:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.6cno:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6ccd:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.5cdf:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.6cce:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6ccc:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.6ccd:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6cbd:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.6cca:::::::*
cpe:2.3:a:iss:blackice_pc_protection:3.6ccg:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.6ccc:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.6cbz:::::::*
cpe:2.3:a:iss:blackice_server_protection:3.6ccf:::::::*