Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor the integrity of the pamversion.dll BlackICE library, which allows local users to subvert BlackICE by replacing pamversion.dll. NOTE: in most cases, the attack would not cross privilege boundaries because replacing pamversion.dll requires administrative privileges. However, this issue is a vulnerability because BlackICE is intended to protect against certain rogue privileged actions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ISS BlackICE PC Protection 'pamversion.dll'BlackICE库安全特权漏洞
Vulnerability Description
ISS BlackICE PC Protection 3.6.cpj,3.6.cpiE,可能还包括早期版本,没有对pamversion.dll BlackICE库的完整性进行正确监控,利用此漏洞,本地用户可通过替换pamversion.dll文件破坏BlackICE软件。注意:通常,攻击者不会超越特权界限,因为替换pamversion.dll需要管理员特权。然而,由于BlackICE软件抵御某些rogue特权操作,此问题便成为安全漏洞。
CVSS Information
N/A
Vulnerability Type
N/A