CVE-2004-1714

Name: CVE-2004-1714
Creator: NVD / NIST
Published: 2004-08-11T04:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.1/10EPSS 0.85%

Last modified Jun 16, 2026

CVE-2004-1714 is a high-severity vulnerability rated 7.1/10 on the CVSS scale. BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule.. EPSS estimates a 0.85% chance of exploitation in the next 30 days.

Description

BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule.

Metrics

CVSS 3.1

7.1/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

EPSS Probability

0.85%

53.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-732

Affected Software

Vendor	Product	Versions
Iss	Blackice Pc Protection	3.6cbd
Iss	Blackice Pc Protection	3.6cbr
Iss	Blackice Pc Protection	3.6cbz
Iss	Blackice Pc Protection	3.6cca
Iss	Blackice Pc Protection	3.6ccb
Iss	Blackice Pc Protection	3.6ccc
Iss	Blackice Pc Protection	3.6ccd
Iss	Blackice Pc Protection	3.6cce
Iss	Blackice Pc Protection	3.6ccf
Iss	Blackice Pc Protection	3.6ccg
Iss	Blackice Server Protection	3.5cdf
Iss	Blackice Server Protection	3.6cbz
Iss	Blackice Server Protection	3.6cca
Iss	Blackice Server Protection	3.6ccb
Iss	Blackice Server Protection	3.6ccc
Iss	Blackice Server Protection	3.6ccd
Iss	Blackice Server Protection	3.6cce
Iss	Blackice Server Protection	3.6ccf
Iss	Blackice Server Protection	3.6ccg
Iss	Blackice Server Protection	3.6cch
Iss	Blackice Server Protection	3.6cno

References

http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.htmlNot Applicable
http://marc.info/?l=bugtraq&m=109223751031166&w=2Mailing List
http://www.securityfocus.com/bid/10915Broken Link, Exploit, Third Party Advisory, VDB Entry, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/16959Third Party Advisory, VDB Entry
http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025112.htmlNot Applicable
http://marc.info/?l=bugtraq&m=109223751031166&w=2Mailing List
http://www.securityfocus.com/bid/10915Broken Link, Exploit, Third Party Advisory, VDB Entry, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/16959Third Party Advisory, VDB Entry

Timeline

Published: Aug 11, 2004
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2004-1714?

How severe is CVE-2004-1714?

CVE-2004-1714 has a CVSS score of 7.1/10 (HIGH severity). The EPSS model estimates a 0.85% probability of exploitation in the next 30 days.

How do I fix CVE-2004-1714?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2004-1714?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST