Design/Logic Flaw

2007-02-0400:28:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.8%

JSON

cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) before 2.4.16.174 does not validate arguments that originate in user mode for the (1) NtConnectPort and (2) NtCreatePort hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments.

CPENameOperatorVersion
comodo_firewall_proeq2.4.16.174

CPE	Name	Operator	Version
	comodo_firewall_pro	eq	2.4.16.174

References

securitytracker.com/id?1017580

www.matousec.com/info/advisories/Comodo-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php

www.securityfocus.com/archive/1/458773/100/0/threaded

www.securityfocus.com/bid/22357

exchange.xforce.ibmcloud.com/vulnerabilities/32059