CVE-2007-2729
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Comodo Firewall Pro 2.4.18.184 and Comodo Personal Firewall 2.3.6.81, and probably older Comodo Firewall versions, do not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these functions, and bypass firewall rules or gain privileges, via a modified identifier that is one, two, or three greater than the canonical identifier.
Comodo Firewall Pro 2.4.18.184 y Comodo Personal Firewall 2.3.6.81, y posiblemente versiones anteriores de Comodo Firewall, no comprueba adecuadamente la equivalencia de identificadores de proceso para ciertas funciones de la API de Windows en el NT kernel 5.0 y superiores, lo cual permite a usuarios locales llamar a estas funciones, y evitar reglas del cortafuegos u obtener privilegios, mediante un identificador modificado que es una, dos o tres veces más grande que el identificador canónico.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-05-16 CVE Reserved
- 2007-05-16 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/37375 | Vdb Entry | |
| http://securityreason.com/securityalert/2714 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/468643/100/0/threaded | Mailing List |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Comodo Search vendor "Comodo" | Comodo Firewall Pro Search vendor "Comodo" for product "Comodo Firewall Pro" | 2.4.18.184 Search vendor "Comodo" for product "Comodo Firewall Pro" and version "2.4.18.184" | - |
Affected
| ||||||
| Comodo Search vendor "Comodo" | Comodo Personal Firewall Search vendor "Comodo" for product "Comodo Personal Firewall" | 2.3.6.81 Search vendor "Comodo" for product "Comodo Personal Firewall" and version "2.3.6.81" | - |
Affected
| ||||||