CVE-2005-2711
Severity Score
7.2
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the "More Info" button in the "Application Protection" dialog, which allows local users to execute arbitrary programs as SYSTEM.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2005-08-26 CVE Reserved
- 2005-12-31 CVE Published
- 2023-08-16 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/19327 | Third Party Advisory | |
| http://securitytracker.com/id?1015820 | Vdb Entry | |
| http://securitytracker.com/id?1015821 | Vdb Entry | |
| http://www.osvdb.org/24096 | Vdb Entry | |
| http://www.securityfocus.com/bid/17218 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2006/1090 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/25423 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.idefense.com/intelligence/vulnerabilities/display.php?id=403 | 2017-07-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Iss Search vendor "Iss" | Blackice Agent Server Search vendor "Iss" for product "Blackice Agent Server" | * | - |
Affected
| ||||||
| Iss Search vendor "Iss" | Blackice Pc Protection Search vendor "Iss" for product "Blackice Pc Protection" | 3.6 Search vendor "Iss" for product "Blackice Pc Protection" and version "3.6" | - |
Affected
| ||||||
| Iss Search vendor "Iss" | Blackice Pc Protection Search vendor "Iss" for product "Blackice Pc Protection" | 3.6cpu Search vendor "Iss" for product "Blackice Pc Protection" and version "3.6cpu" | - |
Affected
| ||||||
| Iss Search vendor "Iss" | Blackice Server Protection Search vendor "Iss" for product "Blackice Server Protection" | * | - |
Affected
| ||||||
| Iss Search vendor "Iss" | Realsecure Desktop Search vendor "Iss" for product "Realsecure Desktop" | 3.6 Search vendor "Iss" for product "Realsecure Desktop" and version "3.6" | - |
Affected
| ||||||
| Iss Search vendor "Iss" | Realsecure Desktop Search vendor "Iss" for product "Realsecure Desktop" | 7.0 Search vendor "Iss" for product "Realsecure Desktop" and version "7.0" | - |
Affected
| ||||||