CVE-2007-0708

Name of the Vulnerable Software and Affected Versions Comodo Firewall Pro versions prior to 2.4.16.174

Description The issue concerns the cmdmon.sys component in Comodo Firewall Pro, which fails to validate arguments from user mode for the (1) NtConnectPort and (2) NtCreatePort hooked SSDT functions. This allows local users to potentially cause a denial of service, resulting in a system crash, and possibly gain privileges by providing invalid arguments.

Recommendations For versions prior to 2.4.16.174, update to version 2.4.16.174 or later to resolve the issue. As a temporary workaround, consider restricting access to the cmdmon.sys component to minimize the risk of exploitation.