CVSS: 5.5EPSS: 1%CPEs: 12EXPL: 0CVE-2012-1463
https://notcve.org/view.php?id=CVE-2012-1463
21 Mar 2012 — The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be... • http://osvdb.org/80426 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2008-1736
https://notcve.org/view.php?id=CVE-2008-1736
29 Apr 2008 — Comodo Firewall Pro before 3.0 does not properly validate certain parameters to hooked System Service Descriptor Table (SSDT) functions, which allows local users to cause a denial of service (system crash) via (1) a crafted OBJECT_ATTRIBUTES structure in a call to the NtDeleteFile function, which leads to improper validation of a ZwQueryObject result; and unspecified calls to the (2) NtCreateFile and (3) NtSetThreadContext functions, different vectors than CVE-2007-0709. Comodo Firewall Pro anterior a 3.0 n... • http://secunia.com/advisories/30006 •
CVSS: 9.8EPSS: 17%CPEs: 2EXPL: 2CVE-2008-0470 – Comodo AntiVirus 2.0 - 'ExecuteStr()' Remote Command Execution
https://notcve.org/view.php?id=CVE-2008-0470
29 Jan 2008 — A certain ActiveX control in Comodo AntiVirus 2.0 allows remote attackers to execute arbitrary commands via the ExecuteStr method. Un ciertolador ActiveX en Comodo AntiVirus 2.0 permite a atacantes remotos ejecutar comandos de su elección a través del método ExecuteStr. • https://www.exploit-db.com/exploits/4974 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2007-2729
https://notcve.org/view.php?id=CVE-2007-2729
16 May 2007 — Comodo Firewall Pro 2.4.18.184 and Comodo Personal Firewall 2.3.6.81, and probably older Comodo Firewall versions, do not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these functions, and bypass firewall rules or gain privileges, via a modified identifier that is one, two, or three greater than the canonical identifier. Comodo Firewall Pro 2.4.18.184 y Comodo Personal Firewall 2.3.6.81, y p... • http://osvdb.org/37375 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2007-2730
https://notcve.org/view.php?id=CVE-2007-2730
16 May 2007 — Check Point ZoneAlarm Pro before 6.5.737.000 does not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these functions, and bypass firewall rules or gain privileges, via a modified identifier that is one, two, or three greater than the canonical identifier. Check Point Zonealarm Pro anterior a 6.5.737.000 no comprueba adecuadamente la equivalencia de identificadores de proceso para determinadas... • http://osvdb.org/37383 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2007-1330 – Comodo Firewall Pro 2.4.x - Local Protection Mechanism Bypass
https://notcve.org/view.php?id=CVE-2007-1330
07 Mar 2007 — Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\SYSTEM\Software\Comodo\Personal Firewall registry key by guessing the name of a named pipe under \Device\NamedPipe\OLE and attempting to open it multiple times. Comodo Firewall Pro (CFP) (antes conocido como Comodo Personal Firewall) 2.4.18.184 y versiones anteriores permite a usuarios locales evitar las protecciones del dispositivos en la clave de registro del HKL... • https://www.exploit-db.com/exploits/29695 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-1051
https://notcve.org/view.php?id=CVE-2007-1051
21 Feb 2007 — Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.17.183 and earlier uses a weak cryptographic hashing function (CRC32) to identify trusted modules, which allows local users to bypass security protections by substituting modified modules that have the same CRC32 value. Comodo Firewall Pro (antes llamado Comodo Personal Firewall) 2.4.17.183 y versiones anteriores utiliza una función hash criptográfica (CRC32) débil para identificar módulos de confianza, lo cual permite a usuarios locales evitar pro... • http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052461.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2007-0708 – Comodo Firewall 2.3.6 - 'CMDMon.SYS' Multiple Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-0708
04 Feb 2007 — cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) before 2.4.16.174 does not validate arguments that originate in user mode for the (1) NtConnectPort and (2) NtCreatePort hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments. cmdmon.sys en Comodo Firewall Pro (formalmente Comodo Personal Firewall) anterior a 2.4.16.174 no valida los argumentos que se origina en modo usuario para las funciones enganch... • https://www.exploit-db.com/exploits/29558 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2007-0709
https://notcve.org/view.php?id=CVE-2007-0709
04 Feb 2007 — cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.16.174 and earlier does not validate arguments that originate in user mode for the (1) NtCreateSection, (2) NtOpenProcess, (3) NtOpenSection, (4) NtOpenThread, and (5) NtSetValueKey hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments. cmdmon.sys en Comodo Firewall Pro (anteriormente Comodo Personal Firewall) 2.4.16.174 y versiones anteriores no ... • http://securitytracker.com/id?1017580 •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2006-6618
https://notcve.org/view.php?id=CVE-2006-6618
18 Dec 2006 — AntiHook 3.0.0.23 - Desktop relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB. AntiHook 3.0.0.23 - El escritorio depende del Process Environment Block (PEB) para la identificación de un proceso, el cual permite a usuarios locales evitar los controles del producto en el proceso mediante la simulación de los campos (1) ImagePathName... • http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip •