Denial of Service Vulnerability in Comodo Firewall Pro
CVE-2007-0708

Currently unrated

Key Information:

Vendor: Comodo
Status: Comodo Firewall Pro
Vendor: CVE Published:; 4 February 2007

What is CVE-2007-0708?

A vulnerability exists in cmdmon.sys of Comodo Firewall Pro versions before 2.4.16.174, whereby improper validation of user-mode arguments for the hooked SSDT functions NtConnectPort and NtCreatePort may allow local users to induce a denial of service, leading to system crashes. Moreover, this could potentially enable local users to escalate their privileges by exploiting this flaw with invalid arguments.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/32059

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/22357

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/458773/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 4, 2007
Vulnerability Reserved
Feb 3, 2007