CVE-2006-7129
Internet Security Systems 3.6 - 'ZWDeleteFile()' Arbitrary File Deletion
Severity Score
2.1
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files.
ISS BlackICEPC Protection 3.6 cpj y cpu, y posiblemente versiones anteriores, permite a usuarios locales evitar el esquema de protección utilizando la función ZwDeleteFile del API para borrar el archivo crítico filelock.txt, el cual almacena información sobre archivos protegidos.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2006-10-16 First Exploit
- 2007-03-05 CVE Reserved
- 2007-03-06 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0298.html | Mailing List | |
| http://securityreason.com/securityalert/2361 | Third Party Advisory | |
| http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php | X_refsource_misc | |
| http://www.osvdb.org/30901 | Vdb Entry | |
| http://www.securityfocus.com/archive/1/448763/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/20546 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/29575 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/28817 | 2006-10-16 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Iss Search vendor "Iss" | Blackice Pc Protection Search vendor "Iss" for product "Blackice Pc Protection" | 3.6cpj Search vendor "Iss" for product "Blackice Pc Protection" and version "3.6cpj" | - |
Affected
| ||||||
| Iss Search vendor "Iss" | Blackice Pc Protection Search vendor "Iss" for product "Blackice Pc Protection" | 3.6cpu Search vendor "Iss" for product "Blackice Pc Protection" and version "3.6cpu" | - |
Affected
| ||||||