Local Denial of Service Vulnerability in Comodo Firewall Pro
CVE-2008-1736

Currently unrated

Key Information:

Vendor: Comodo
Status: Comodo Personal Firewall
Vendor: CVE Published:; 30 April 2008

What is CVE-2008-1736?

A vulnerability exists in earlier versions of Comodo Firewall Pro that does not adequately validate specific parameters associated with hooked System Service Descriptor Table (SSDT) functions. This insufficiency allows local users to exploit the vulnerability by crafting an OBJECT_ATTRIBUTES structure during a call to the NtDeleteFile function. This can lead to improper validation of a ZwQueryObject result and result in a system crash. Additionally, unspecified calls to the NtCreateFile and NtSetThreadContext functions can also be exploited, leading to further instability in the affected system.

References

http://www.vupen.com/english/advisories/2008/1383

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/30006

third-party-advisoryx_refsource_SECUNIA

http://www.personalfirewall.comodo.com/release_notes.html

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 30, 2008
Vulnerability Reserved
Apr 11, 2008