Process Identifier Manipulation in Comodo Firewalls
CVE-2007-2729
Currently unrated
What is CVE-2007-2729?
Comodo Firewall Pro and Comodo Personal Firewall are susceptible to a vulnerability that allows local users to manipulate process identifiers. This flaw occurs due to improper equivalence testing of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and later versions. By incrementing the identifier by one, two, or three, local users can bypass established firewall rules, potentially gaining unauthorized privileges. This manipulation poses a significant risk to system integrity and security.