PT-2007-4045 · Comodo+1 · Comodo Personal Firewall+2

Publicado

2007-05-16

Atualizado

2018-10-16

CVE-2007-2729

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Comodo Firewall Pro versions 2.4.18.184 and earlier Comodo Personal Firewall versions 2.3.6.81 and earlier

Description The issue allows local users to bypass firewall rules or gain privileges by calling certain Microsoft Windows API functions in the NT kernel 5.0 and greater, via a modified identifier that is one, two, or three greater than the canonical identifier.

Recommendations For Comodo Firewall Pro version 2.4.18.184, update to a version that properly tests for equivalence of process identifiers. For Comodo Personal Firewall version 2.3.6.81, update to a version that properly tests for equivalence of process identifiers. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-2729

Produtos afetados

Comodo Firewall Pro

Comodo Personal Firewall

Windows

PT-2007-4045 · Comodo+1 · Comodo Personal Firewall+2

CVE-2007-2729

Identificadores relacionados

Produtos afetados

Referências · 5