Lucene search

[email protected]NVD:CVE-2007-0709

HistoryFeb 04, 2007 - 12:28 a.m.

CVE-2007-0709

2007-02-0400:28:00

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.16.174 and earlier does not validate arguments that originate in user mode for the (1) NtCreateSection, (2) NtOpenProcess, (3) NtOpenSection, (4) NtOpenThread, and (5) NtSetValueKey hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments.

Affected configurations

Nvd

Node

comodocomodo_firewall_proRange≤2.4.16.174

VendorProductVersionCPE
comodocomodo_firewall_pro*cpe:2.3:a:comodo:comodo_firewall_pro:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
comodo	comodo_firewall_pro	*	cpe:2.3:a:comodo:comodo_firewall_pro::::::::

References

securitytracker.com/id?1017580

www.matousec.com/info/advisories/Comodo-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php

www.securityfocus.com/archive/1/458773/100/0/threaded

www.securityfocus.com/bid/22357

exchange.xforce.ibmcloud.com/vulnerabilities/32059

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2007-0709

cve2 prion2 cvelist2 securityvulns1 nvd1