CVE-2006-7129

high

Description

ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/29575

http://www.securityfocus.com/bid/20546

http://www.securityfocus.com/archive/1/448763/100/0/threaded

http://www.osvdb.org/30901

http://www.matousec.com/info/advisories/BlackICE-Filelock-protection-bypass.php

http://securityreason.com/securityalert/2361

http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0298.html

Details

Source: Mitre, NVD

Published: 2007-03-06

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Severity: High

EPSS

EPSS: 0.00199