ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability

2006.08.08
Risk: Medium
Local: Yes
Remote: No
CWE: N/A


CVSS Base Score: 4.6/10
Impact Subscore: 6.4/10
Exploitability Subscore: 3.9/10
Exploit range: Local
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

BlackICE does not protect pamversion.dll in its installation directory. And also because its component protection fails to protect BlackICE processes this can be misused to inject fake DLL into BlackICE service. The whole advisory with more details and source code is available here http://www.matousec.com/info/advisories/BlackICE-DLL-faking-of-run-time- linked-libraries.php Regards, -- David Matousek Founder and Chief Representative of Matousec - Transparent security http://www.matousec.com/


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2017, cxsecurity.com

 

Back to Top