52 matches found
EUVD-2007-1048
Malware in sbrugna...
EUVD-2007-1327
Malware in sbrugna...
EUVD-2008-1736
Malware in sbrugna...
Denial of Service Vulnerability in XPacket Driver for Fair's Personal Firewall Software
Fair Personal Firewall Pro is one of Fair Security Labs products. It provides a full range of network security protection for your computer. A security vulnerability exists in the XPacket.sys driver of Fair Personal Firewall Pro. An attacker can exploit this vulnerability by sending a 0x804D2190...
Outpost Firewall PRO 4.0 - Local Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20860/info Outpost Firewall PRO is prone to a local denial-of-service vulnerability because the application fails to properly handle unexpected input. Exploiting this issue allows local attackers to crash affected...
Multiple Personal Firewall Products - Local Protection Mechanism Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23987/info Multiple personal firewall products are prone to a vulnerability that lets attackers bypass protection mechanisms. This issue occurs because the applications fail to properly implement protection mechanisms bas...
Comodo Firewall Pro 2.4.x - Local Protection Mechanism Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22775/info Comodo Firewall Pro is prone to a protection-mechanism-bypass vulnerability. Exploiting this issue allows local attackers to bypass protection mechanisms implemented to restrict access to altering the firewall'...
CVE-2008-1736
Comodo Firewall Pro before 3.0 does not properly validate certain parameters to hooked System Service Descriptor Table SSDT functions, which allows local users to cause a denial of service system crash via 1 a crafted OBJECTATTRIBUTES structure in a call to the NtDeleteFile function, which leads ...
Input validation
Comodo Firewall Pro before 3.0 does not properly validate certain parameters to hooked System Service Descriptor Table SSDT functions, which allows local users to cause a denial of service system crash via 1 a crafted OBJECTATTRIBUTES structure in a call to the NtDeleteFile function, which leads ...
CVE-2008-1736
Comodo Firewall Pro before 3.0 does not properly validate certain parameters to hooked System Service Descriptor Table SSDT functions, which allows local users to cause a denial of service system crash via 1 a crafted OBJECTATTRIBUTES structure in a call to the NtDeleteFile function, which leads ...
CVE-2008-1736
CVE-2008-1736 relates to Comodo Firewall Pro 2.4.18.184 where hooked SSDT functions do not properly validate arguments (notably NtDeleteFile, NtCreateFile, NtSetThreadContext). This can allow a local attacker to trigger a Denial of Service (system crash). The issue is described in CoreLabs CORE-2...
CVE-2007-5042
Outpost Firewall Pro 4.0.1025.7828 is affected by CVE-2007-5042, where the driver does not properly validate parameters to SSDT function handlers, enabling a local user to crash the system and potentially gain privileges via kernel SSDT hooks (NtCreateKey, NtDeleteFile, NtLoadDriver, NtOpenProces...
CVE-2007-5042
Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via the 1 NtCreateKey, 2 NtDeleteFile, 3 NtLoadDriver, 4...
CVE-2007-2729
Comodo Firewall Pro 2.4.18.184 and Comodo Personal Firewall 2.3.6.81, and probably older Comodo Firewall versions, do not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these...
Bypassing PFW/HIPS open process control with uncommon identifier
Hello, We would like to inform you about a vulnerability in personal firewalls and HIPS software. Description: Windows operating systems with NT kernel version 5.0 and higher i.e. Windows 2000, XP, 2003 use integer numbers divisible by four to identify processes. Internal implementation of system...
Multiple Personal Firewall Products - Local Protection Mechanism Bypass
source: https://www.securityfocus.com/bid/23987/info Multiple personal firewall products are prone to a vulnerability that lets attackers bypass protection mechanisms. This issue occurs because the applications fail to properly implement protection mechanisms based on valid process identifiers...
CVE-2007-1330
Comodo Firewall Pro CFP formerly Comodo Personal Firewall 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\SYSTEM\Software\Comodo\Personal Firewall registry key by guessing the name of a named pipe under \Device\NamedPipe\OLE and attempting to open it multiple...
CVE-2007-1330
Comodo Firewall Pro CFP formerly Comodo Personal Firewall 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\SYSTEM\Software\Comodo\Personal Firewall registry key by guessing the name of a named pipe under \Device\NamedPipe\OLE and attempting to open it multiple...
CVE-2007-1330
CVE-2007-1330 affects Comodo Firewall Pro (CFP) versions 2.4.18.184 and earlier. The issue is a local privilege bypass in which an attacker can bypass driver protections for the registry key HKLM\SYSTEM\Software\Comodo\Personal Firewall by guessing the name of a Named Pipe under \Device\NamedPipe...
CVE-2006-7160
The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service crash via invalid arguments to the 1 NtAssignProcessToJobObject,, 2 NtCreateKey, 3 NtCreateThread, 4...