Local Security Bypass in Comodo Firewall Pro by Guessing Named Pipe
CVE-2007-1330

Currently unrated

Key Information:

Vendor: Comodo
Status: Comodo Firewall Pro
Vendor: CVE Published:; 7 March 2007

What is CVE-2007-1330?

A vulnerability exists in Comodo Firewall Pro that allows local users to bypass driver protections associated with the firewall settings. By meticulously guessing the name of a named pipe located in the system directory, attackers can repeatedly attempt to open the pipe, thereby gaining unauthorized access to sensitive registry keys. This flaw can lead to a significant compromise of firewall settings, potentially allowing malicious activities to evade detection and prevention measures put in place by the software.

References

http://www.securityfocus.com/bid/22775

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/32771

vdb-entryx_refsource_XF

http://securityreason.com/securityalert/2388

third-party-advisoryx_refsource_SREASON

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 7, 2007
Vulnerability Reserved
Mar 7, 2007