Back to search
CVE-2007-0709
Published: Feb 4, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.16.174 and earlier does not validate arguments that originate in user mode for the (1) NtCreateSection, (2) NtOpenProcess, (3) NtOpenSection, (4) NtOpenThread, and (5) NtSetValueKey hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
comodofirewallpro-cmdmon-dos(32059)
vdb-entry
x_refsource_XF
22357
vdb-entry
x_refsource_BID
20070201 Comodo Multiple insufficient argument validation of hooked SSDT function Vulnerability
mailing-list
x_refsource_BUGTRAQ
1017580
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now