CVE-2006-4541

BlackICE PC Protection < 3.6 - Denial of Service via NtOpenSection API

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-4541. PoCs published by David Matousek.

AI-analyzed exploit summary The provided text describes a local denial-of-service vulnerability in ISS BlackICE PC Protection due to improper input sanitization. It mentions potential for remote code execution if exploited in kernel mode, affecting versions 3.6.cpn, 3.6.cpj, and 3.6.cpiE.

Description

RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected.

Exploits (1)

exploitdb WRITEUP VERIFIED

by David Matousek · textdoswindows

https://www.exploit-db.com/exploits/28469

View Code ZIP pw:eip

The provided text describes a local denial-of-service vulnerability in ISS BlackICE PC Protection due to improper input sanitization. It mentions potential for remote code execution if exploited in kernel mode, affecting versions 3.6.cpn, 3.6.cpj, and 3.6.cpiE.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Theoretical

Target: ISS BlackICE PC Protection 3.6.cpn, 3.6.cpj, 3.6.cpiE

No auth needed

Prerequisites: Local access to the target system

MITRE ATT&CK