CVE-2006-4541

EPSS 0.34%
Veröffentlicht 05.09.2006 23:04:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 13

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Iss ≫ Blackice Pc Protection Version <= 3.6

Iss ≫ Blackice Pc Protection Version3.6cpie

Iss ≫ Blackice Pc Protection Version3.6cpj

Iss ≫ Blackice Pc Protection Version3.6cpn

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.34%	0.557

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/21710

Vendor Advisory

http://securityreason.com/securityalert/1512

http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php

http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php

http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php

http://www.osvdb.org/28332

http://www.securityfocus.com/archive/1/444958/100/0/threaded

http://www.securityfocus.com/archive/1/479830/100/0/threaded

http://www.securityfocus.com/bid/19800

http://www.vupen.com/english/advisories/2006/3431

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2006-4541

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-4541

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-4541

EUVD