CVE-2004-1714 - Vulnerability Details

Vendors	Products
Iss	Blackice Pc Protection Blackice Server Protection

Link	Providers
http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html
http://marc.info/?l=bugtraq&m=109223751031166&w=2
http://www.securityfocus.com/bid/10915
https://exchange.xforce.ibmcloud.com/vulnerabilities/16959

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-08-11T00:00:00", "descriptions": [{"lang": "en", "value": "BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20040811 ISS BlackIce Server Protect Unprivileged User Attack", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html"}, {"name": "10915", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/10915"}, {"name": "20040811 BlackICE unprivileged local user attack", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=109223751031166&w=2"}, {"name": "blackice-firewall-dos(16959)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16959"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1714", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20040811 ISS BlackIce Server Protect Unprivileged User Attack", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html"}, {"name": "10915", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10915"}, {"name": "20040811 BlackICE unprivileged local user attack", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=109223751031166&w=2"}, {"name": "blackice-firewall-dos(16959)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16959"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T01:00:37.257Z"}, "title": "CVE Program Container", "references": [{"name": "20040811 ISS BlackIce Server Protect Unprivileged User Attack", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html"}, {"name": "10915", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/10915"}, {"name": "20040811 BlackICE unprivileged local user attack", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=109223751031166&w=2"}, {"name": "blackice-firewall-dos(16959)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16959"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1714", "datePublished": "2005-02-26T05:00:00", "dateReserved": "2005-02-26T00:00:00", "dateUpdated": "2024-08-08T01:00:37.257Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2004-08-11T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-07-10T14:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : 20040811 ISS BlackIce Server Protect Unprivileged User Attack (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_FULLDISC (string)

]

url : http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html (string)

}

1 : { »

name : 10915 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/10915 (string)

}

2 : { »

name : 20040811 BlackICE unprivileged local user attack (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

]

url : http://marc.info/?l=bugtraq&m=109223751031166&w=2 (string)

}

3 : { »

name : blackice-firewall-dos(16959) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/16959 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2004-1714 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 20040811 ISS BlackIce Server Protect Unprivileged User Attack (string)

refsource : FULLDISC (string)

url : http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html (string)

}

1 : { »

name : 10915 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/10915 (string)

}

2 : { »

name : 20040811 BlackICE unprivileged local user attack (string)

refsource : BUGTRAQ (string)

url : http://marc.info/?l=bugtraq&m=109223751031166&w=2 (string)

}

3 : { »

name : blackice-firewall-dos(16959) (string)

refsource : XF (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/16959 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-08T01:00:37.257Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 20040811 ISS BlackIce Server Protect Unprivileged User Attack (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_FULLDISC (string)

2 : x_transferred (string)

]

url : http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html (string)

}

1 : { »

name : 10915 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/10915 (string)

}

2 : { »

name : 20040811 BlackICE unprivileged local user attack (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

2 : x_transferred (string)

]

url : http://marc.info/?l=bugtraq&m=109223751031166&w=2 (string)

}

3 : { »

name : blackice-firewall-dos(16959) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

2 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/16959 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2004-1714 (string)

datePublished : 2005-02-26T05:00:00 (string)

dateReserved : 2005-02-26T00:00:00 (string)

dateUpdated : 2024-08-08T01:00:37.257Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6cbd:*:*:*:*:*:*:*", "matchCriteriaId": "D62AC2AC-E7ED-498B-805F-2300B9793C2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6cbr:*:*:*:*:*:*:*", "matchCriteriaId": "E03A05BE-03F9-49A5-8864-146E44E223B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6cbz:*:*:*:*:*:*:*", "matchCriteriaId": "44D1258B-70B0-4B20-9992-1E5DDD899935", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6cca:*:*:*:*:*:*:*", "matchCriteriaId": "8FFB331C-EA1C-4DC6-B699-A4F6AB8FFB7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6ccb:*:*:*:*:*:*:*", "matchCriteriaId": "2E52039E-728B-4028-AEB0-9F77EE75B245", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6ccc:*:*:*:*:*:*:*", "matchCriteriaId": "F101B85F-C141-4977-885F-C29306BF1C97", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6ccd:*:*:*:*:*:*:*", "matchCriteriaId": "5746C7F8-8560-4082-AD73-66DB9D16D619", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6cce:*:*:*:*:*:*:*", "matchCriteriaId": "A76034E6-B3B8-4A6A-B6CA-16AA2A8CD854", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6ccf:*:*:*:*:*:*:*", "matchCriteriaId": "7A02F0CF-E1C0-43FE-9971-966002A53679", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_pc_protection:3.6ccg:*:*:*:*:*:*:*", "matchCriteriaId": "4E9F7EF2-D5AC-47F3-948D-ED87B4F5269C", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_server_protection:3.5cdf:*:*:*:*:*:*:*", "matchCriteriaId": "093413D9-CE6C-4285-9923-6DC2952F9764", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6cbz:*:*:*:*:*:*:*", "matchCriteriaId": "E33242A8-7BE6-4A69-A7CC-81BAFC2ADD50", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6cca:*:*:*:*:*:*:*", "matchCriteriaId": "21E08CB5-0C90-4AF2-814C-3B4333681575", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6ccb:*:*:*:*:*:*:*", "matchCriteriaId": "8A52A4E2-281A-460C-BCCC-00A464BD6270", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6ccc:*:*:*:*:*:*:*", "matchCriteriaId": "B7DB4F39-B3C9-4AA2-A047-709A5D9B7F84", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6ccd:*:*:*:*:*:*:*", "matchCriteriaId": "4987E532-8729-4BC4-9997-962C32BC6CFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6cce:*:*:*:*:*:*:*", "matchCriteriaId": "B47779E2-7BC5-4A5D-AD90-AC226735C631", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6ccf:*:*:*:*:*:*:*", "matchCriteriaId": "3BB1C793-85F6-48EB-8A53-DE8E91271A6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6ccg:*:*:*:*:*:*:*", "matchCriteriaId": "4D4D3A70-1CE2-4DD6-8890-55D1DCCFEBA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6cch:*:*:*:*:*:*:*", "matchCriteriaId": "3A51DA17-F432-4AF0-9902-3FF9509C97BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:iss:blackice_server_protection:3.6cno:*:*:*:*:*:*:*", "matchCriteriaId": "E1CA428F-B281-46E2-86C1-E48A94BA4345", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule."}], "id": "CVE-2004-1714", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2004-08-11T04:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List"], "url": "http://marc.info/?l=bugtraq&m=109223751031166&w=2"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Exploit", "Third Party Advisory", "VDB Entry", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/10915"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16959"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://marc.info/?l=bugtraq&m=109223751031166&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Exploit", "Third Party Advisory", "VDB Entry", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/10915"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16959"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:iss:blackice_pc_protection:3.6cbd:*:*:*:*:*:*:* (string)

matchCriteriaId : D62AC2AC-E7ED-498B-805F-2300B9793C2E (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:iss:blackice_pc_protection:3.6cbr:*:*:*:*:*:*:* (string)

matchCriteriaId : E03A05BE-03F9-49A5-8864-146E44E223B0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:iss:blackice_pc_protection:3.6cbz:*:*:*:*:*:*:* (string)

matchCriteriaId : 44D1258B-70B0-4B20-9992-1E5DDD899935 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:iss:blackice_pc_protection:3.6cca:*:*:*:*:*:*:* (string)

matchCriteriaId : 8FFB331C-EA1C-4DC6-B699-A4F6AB8FFB7E (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:iss:blackice_pc_protection:3.6ccb:*:*:*:*:*:*:* (string)

matchCriteriaId : 2E52039E-728B-4028-AEB0-9F77EE75B245 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:iss:blackice_pc_protection:3.6ccc:*:*:*:*:*:*:* (string)

matchCriteriaId : F101B85F-C141-4977-885F-C29306BF1C97 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:iss:blackice_pc_protection:3.6ccd:*:*:*:*:*:*:* (string)

matchCriteriaId : 5746C7F8-8560-4082-AD73-66DB9D16D619 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:iss:blackice_pc_protection:3.6cce:*:*:*:*:*:*:* (string)

matchCriteriaId : A76034E6-B3B8-4A6A-B6CA-16AA2A8CD854 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:iss:blackice_pc_protection:3.6ccf:*:*:*:*:*:*:* (string)

matchCriteriaId : 7A02F0CF-E1C0-43FE-9971-966002A53679 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:iss:blackice_pc_protection:3.6ccg:*:*:*:*:*:*:* (string)

matchCriteriaId : 4E9F7EF2-D5AC-47F3-948D-ED87B4F5269C (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:iss:blackice_server_protection:3.5cdf:*:*:*:*:*:*:* (string)

matchCriteriaId : 093413D9-CE6C-4285-9923-6DC2952F9764 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:iss:blackice_server_protection:3.6cbz:*:*:*:*:*:*:* (string)

matchCriteriaId : E33242A8-7BE6-4A69-A7CC-81BAFC2ADD50 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:iss:blackice_server_protection:3.6cca:*:*:*:*:*:*:* (string)

matchCriteriaId : 21E08CB5-0C90-4AF2-814C-3B4333681575 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:iss:blackice_server_protection:3.6ccb:*:*:*:*:*:*:* (string)

matchCriteriaId : 8A52A4E2-281A-460C-BCCC-00A464BD6270 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:iss:blackice_server_protection:3.6ccc:*:*:*:*:*:*:* (string)

matchCriteriaId : B7DB4F39-B3C9-4AA2-A047-709A5D9B7F84 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:iss:blackice_server_protection:3.6ccd:*:*:*:*:*:*:* (string)

matchCriteriaId : 4987E532-8729-4BC4-9997-962C32BC6CFA (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:iss:blackice_server_protection:3.6cce:*:*:*:*:*:*:* (string)

matchCriteriaId : B47779E2-7BC5-4A5D-AD90-AC226735C631 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:iss:blackice_server_protection:3.6ccf:*:*:*:*:*:*:* (string)

matchCriteriaId : 3BB1C793-85F6-48EB-8A53-DE8E91271A6A (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:iss:blackice_server_protection:3.6ccg:*:*:*:*:*:*:* (string)

matchCriteriaId : 4D4D3A70-1CE2-4DD6-8890-55D1DCCFEBA6 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:iss:blackice_server_protection:3.6cch:*:*:*:*:*:*:* (string)

matchCriteriaId : 3A51DA17-F432-4AF0-9902-3FF9509C97BF (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:iss:blackice_server_protection:3.6cno:*:*:*:*:*:*:* (string)

matchCriteriaId : E1CA428F-B281-46E2-86C1-E48A94BA4345 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule. (string)

}

]

id : CVE-2004-1714 (string)

lastModified : 2025-04-03T01:03:51.193 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : LOW (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : LOCAL (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 2.1 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:L/AC:L/Au:N/C:N/I:N/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7.1 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : HIGH (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 5.2 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2004-08-11T04:00:00.000 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Not Applicable (string)

]

url : http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html (string)

}

1 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Mailing List (string)

]

url : http://marc.info/?l=bugtraq&m=109223751031166&w=2 (string)

}

2 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Exploit (string)

2 : Third Party Advisory (string)

3 : VDB Entry (string)

4 : Vendor Advisory (string)

]

url : http://www.securityfocus.com/bid/10915 (string)

}

3 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/16959 (string)

}

4 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Not Applicable (string)

]

url : http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.html (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

]

url : http://marc.info/?l=bugtraq&m=109223751031166&w=2 (string)

}

6 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Exploit (string)

2 : Third Party Advisory (string)

3 : VDB Entry (string)

4 : Vendor Advisory (string)

]

url : http://www.securityfocus.com/bid/10915 (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/16959 (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-732 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object