Lucene search
MitreCVE-2006-6618HistoryDec 18, 2006 - 11:28 a.m.
CVE-2006-6618
2006-12-1811:28:00
mitre
web.nvd.nist.gov
23
antihook
process environment block
peb
local users
bypass
security vulnerability
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
9.5%
AntiHook 3.0.0.23 - Desktop relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product’s controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.
Affected configurations
Node
avgantivirus_plus_firewallMatch7.5.431
ORcomodocomodo_personal_firewallMatch2.3.6.81
ORfilseclabpersonal_firewallMatch3.0.8686
ORinfoprocessantihookMatch3.0.23
ORsoft4everlook_n_stopMatch2.05p2
ORsymantecsygate_personal_firewallMatch5.6.2808
| Vendor | Product | Version | CPE |
|---|---|---|---|
| avg | antivirus_plus_firewall | 7.5.431 | cpe:2.3:a:avg:antivirus_plus_firewall:7.5.431:*:*:*:*:*:*:* |
| comodo | comodo_personal_firewall | 2.3.6.81 | cpe:2.3:a:comodo:comodo_personal_firewall:2.3.6.81:*:*:*:*:*:*:* |
| filseclab | personal_firewall | 3.0.8686 | cpe:2.3:a:filseclab:personal_firewall:3.0.8686:*:*:*:*:*:*:* |
| infoprocess | antihook | 3.0.23 | cpe:2.3:a:infoprocess:antihook:3.0.23:*:*:*:*:*:*:* |
| soft4ever | look_n_stop | 2.05p2 | cpe:2.3:a:soft4ever:look_n_stop:2.05p2:*:*:*:*:*:*:* |
| symantec | sygate_personal_firewall | 5.6.2808 | cpe:2.3:a:symantec:sygate_personal_firewall:5.6.2808:*:*:*:*:*:*:* |
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
9.5%
Related for CVE-2006-6618