4 matches found
Design/Logic Flaw
ZoneAlarm Pro 7.0.362.000 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via the 1 NtCreatePort and 2 NtDeleteFile kernel SSDT hooks, a partial...
CVE-2007-5044
CVE-2007-5044 affects ZoneAlarm Pro 7.0.362.000. The issue is insufficient validation of parameters passed to SSDT function handlers, enabling a local user to crash the system and potentially gain privileges via the kernel SSDT hooks for NtCreatePort and NtDeleteFile. This is described as a parti...
Design/Logic Flaw
cmdmon.sys in Comodo Firewall Pro formerly Comodo Personal Firewall before 2.4.16.174 does not validate arguments that originate in user mode for the 1 NtConnectPort and 2 NtCreatePort hooked SSDT functions, which allows local users to cause a denial of service system crash and possibly gain...
CVE-2007-0708
Affected software : Comodo Firewall Pro (formerly Comodo Personal Firewall) prior to 2.4.16.174. Vulnerable component / root cause : cmdmon.sys, with insufficient validation of user-mode arguments for the hooked SSDT functions NtConnectPort and NtCreatePort. Impact : local users can trigger a den...