Process Identifier Manipulation in Comodo Firewalls
CVE-2007-2729

Currently unrated

Key Information:

Vendor

Comodo

Status
Comodo Personal Firewall
Comodo Firewall Pro
Vendor
CVE Published:
16 May 2007

What is CVE-2007-2729?

Comodo Firewall Pro and Comodo Personal Firewall are susceptible to a vulnerability that allows local users to manipulate process identifiers. This flaw occurs due to improper equivalence testing of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and later versions. By incrementing the identifier by one, two, or three, local users can bypass established firewall rules, potentially gaining unauthorized privileges. This manipulation poses a significant risk to system integrity and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://securityreason.com/securityalert/2714
third-party-advisoryx_refsource_SREASON
http://www.securityfocus.com/archive/1/468643/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.matousec.com/info/advisories/Bypassing-PWF-HIP...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.