CVE-2007-0709

cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.16.174 and earlier does not validate arguments that originate in user mode for the (1) NtCreateSection, (2) NtOpenProcess, (3) NtOpenSection, (4) NtOpenThread, and (5) NtSetValueKey hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://securitytracker.com/id?1017580
http://www.matousec.com/info/advisories/Comodo-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php	Vendor Advisory
http://www.securityfocus.com/archive/1/458773/100/0/threaded
http://www.securityfocus.com/bid/22357	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/32059

Configurations

Configuration 1 (hide)

cpe:2.3:a:comodo:comodo_firewall_pro:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2007-02-04 00:28

Updated : 2024-02-04 17:13

NVD link : CVE-2007-0709

Mitre link : CVE-2007-0709

CVE.ORG link : CVE-2007-0709

JSON object : View

Products Affected

comodo

comodo_firewall_pro

CWE

NVD-CWE-Other

{"id": "CVE-2007-0709", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-02-04T00:28:00.000", "references": [{"url": "http://securitytracker.com/id?1017580", "source": "cve@mitre.org"}, {"url": "http://www.matousec.com/info/advisories/Comodo-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/458773/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/22357", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32059", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.16.174 and earlier does not validate arguments that originate in user mode for the (1) NtCreateSection, (2) NtOpenProcess, (3) NtOpenSection, (4) NtOpenThread, and (5) NtSetValueKey hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments."}, {"lang": "es", "value": "cmdmon.sys en Comodo Firewall Pro (anteriormente Comodo Personal Firewall) 2.4.16.174 y versiones anteriores no valida argumentos que se originan el el modo usuario para las funciones (1) NtCreateSection, (2) NtOpenProcess, (3) NtOpenSection, (4) NtOpenThread, y (5) NtSetValueKey hooked SSDT, que permite a atacantes locales provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema) y posiblemente obtener privilegios mediante argumentos inv\u00e1lidos."}], "lastModified": "2018-10-16T16:33:53.527", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:comodo:comodo_firewall_pro:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24D1532A-7E34-4C8A-A8EF-856E5020C39D", "versionEndIncluding": "2.4.16.174"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}