Back to CVE Browser

CVE-2006-6620

HIGH

7.2

CVSS Severity Score

EPSS Score0.1100%

EPSS Percentile26.87th

PublishedDec 18, 2006

Last ModifiedApr 23, 2026

Vulnerability Description

Comodo Personal Firewall 2.3.6.81 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.

Affected Platforms (CPE)

📦

Avg

Antivirus Plus Firewall

= 7.5.431

📦

Comodo

Comodo Personal Firewall

= 2.3.6.81

📦

Filseclab

Personal Firewall

= 3.0.8686

📦

Infoprocess

Antihook

= 3.0.23

📦

Soft4ever

Look N Stop

= 2.05p2

📦

Symantec

Sygate Personal Firewall

= 5.6.2808

References & Advisories

🔗 http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip

🔗 http://www.matousec.com/info/advisories/Bypassing-process-identification-serveral-personal-firewalls-HIPS.php

🔗 http://www.securityfocus.com/archive/1/454522/100/0/threaded

🔗 http://www.securityfocus.com/bid/21615

🔗 http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip

🔗 http://www.matousec.com/info/advisories/Bypassing-process-identification-serveral-personal-firewalls-HIPS.php

🔗 http://www.securityfocus.com/archive/1/454522/100/0/threaded

🔗 http://www.securityfocus.com/bid/21615

Related Vulnerabilities

CVE-2006-502510.0

Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner (sHTTPScanner) before 0.2 have unknown impact and attack ve...

CVE-2006-607610.0

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier ...

CVE-2006-446110.0

Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the pr...

CVE-2006-623510.0

A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to ...