QwikSec

Security Database

CVE

CWE

Training

CVE-2008-1736

Published: Apr 29, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

Comodo Firewall Pro before 3.0 does not properly validate certain parameters to hooked System Service Descriptor Table (SSDT) functions, which allows local users to cause a denial of service (system crash) via (1) a crafted OBJECT_ATTRIBUTES structure in a call to the NtDeleteFile function, which leads to improper validation of a ZwQueryObject result; and unspecified calls to the (2) NtCreateFile and (3) NtSetThreadContext functions, different vectors than CVE-2007-0709.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_VUPEN

third-party-advisory

x_refsource_SECUNIA

http://www.personalfirewall.comodo.com/release_notes.html

x_refsource_MISC

third-party-advisory

x_refsource_SREASON

vdb-entry

x_refsource_BID

http://www.coresecurity.com/?action=item&id=2249

x_refsource_MISC

vdb-entry

x_refsource_SECTRACK

comodo-ssdt-dos(42082)

vdb-entry

x_refsource_XF

20080428 CORE-2008-0320 - Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.