CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2007-0709
https://notcve.org/view.php?id=CVE-2007-0709
cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.16.174 and earlier does not validate arguments that originate in user mode for the (1) NtCreateSection, (2) NtOpenProcess, (3) NtOpenSection, (4) NtOpenThread, and (5) NtSetValueKey hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments. cmdmon.sys en Comodo Firewall Pro (anteriormente Comodo Personal Firewall) 2.4.16.174 y versiones anteriores no valida argumentos que se originan el el modo usuario para las funciones (1) NtCreateSection, (2) NtOpenProcess, (3) NtOpenSection, (4) NtOpenThread, y (5) NtSetValueKey hooked SSDT, que permite a atacantes locales provocar una denegación de servicio (caída del sistema) y posiblemente obtener privilegios mediante argumentos inválidos. • http://securitytracker.com/id?1017580 http://www.matousec.com/info/advisories/Comodo-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php http://www.securityfocus.com/archive/1/458773/100/0/threaded http://www.securityfocus.com/bid/22357 https://exchange.xforce.ibmcloud.com/vulnerabilities/32059 •