Bug: ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability ( Ascii Version )

Search:
WLB2

ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability

Published
Credit
Risk
2006.08.08
David Matousek (david matousec com)
Medium
CWE
CVE
Local
Remote
N/A
CVE-2006-3999
Yes
No

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

BlackICE does not protect pamversion.dll in its installation directory. And also because its component
protection fails to protect BlackICE processes this can be misused to inject fake DLL into BlackICE service.

The whole advisory with more details and source code is available here
http://www.matousec.com/info/advisories/BlackICE-DLL-faking-of-run-time-
linked-libraries.php

Regards,

--
David Matousek

Founder and Chief Representative of Matousec - Transparent security
http://www.matousec.com/

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version