Vulnerability Report

CVE-2004-2125

Title: BlackICE PC Protection buffer overflow privilege escalation

Privilege Escalation, Buffer Overflow

Proof Of Concept

No public PoC currently indexed for CVE-2004-2125.

CWE Category NVD-CWE-noinfo

Published Date Dec 31, 2004

Modified Date Apr 03, 2025

Exploit Status Not Found

Score 4.6 CVSS v2.0

Exploit Probability (EPSS)

0.14%

Vulnerability Summary

CVE-2004-2125: Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value.

Impacted Vendors

iss 4

Reference Links

http://archives.neohapsis.com/archives/iss/2004-q1/0157.html http://marc.info/?l=bugtraq&m=107530966524193&w=2 http://secunia.com/advisories/10739 http://www.osvdb.org/3740 http://www.securityfocus.com/bid/9514 https://exchange.xforce.ibmcloud.com/vulnerabilities/14965 http://archives.neohapsis.com/archives/iss/2004-q1/0157.html http://marc.info/?l=bugtraq&m=107530966524193&w=2 http://secunia.com/advisories/10739 http://www.osvdb.org/3740 http://www.securityfocus.com/bid/9514 https://exchange.xforce.ibmcloud.com/vulnerabilities/14965

CVSS v2.0

Source Entity [email protected]

Severity MEDIUM

4.6

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:L/AC:L/Au:N/C:P/I:P/A:P

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2004-2125 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

April 03, 2025 MODIFIED

Vulnerability data or affected products updated.

December 31, 2004 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:L/AC:L/Au:N/C:P/I:P/A:P

Affected Stack

No specific products linked.