QwikSec

Security Database

CVE

CWE

Training

CVE-2006-6619

Published: Dec 18, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

AVG Anti-Virus plus Firewall 7.5.431 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.matousec.com/info/advisories/Bypassing-process-identification-serveral-personal-firewalls-HIPS.php

x_refsource_MISC

20061215 Bypassing process identification of several personal firewalls and HIPS

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_BID

http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.