返回 CVE 浏览器

CVE-2006-6620

HIGH

7.2

CVSS Severity Score

EPSS Score0.1100%

EPSS Percentile26.87th

Published2006年12月18日

Last Modified2026年4月23日

Vulnerability Description

Comodo Personal Firewall 2.3.6.81 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.

Affected Platforms (CPE)

📦

Avg

Antivirus Plus Firewall

= 7.5.431

📦

Comodo

Comodo Personal Firewall

= 2.3.6.81

📦

Filseclab

Personal Firewall

= 3.0.8686

📦

Infoprocess

Antihook

= 3.0.23

📦

Soft4ever

Look N Stop

= 2.05p2

📦

Symantec

Sygate Personal Firewall

= 5.6.2808

References & Advisories

🔗 http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip

🔗 http://www.matousec.com/info/advisories/Bypassing-process-identification-serveral-personal-firewalls-HIPS.php

🔗 http://www.securityfocus.com/archive/1/454522/100/0/threaded

🔗 http://www.securityfocus.com/bid/21615

🔗 http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip

🔗 http://www.matousec.com/info/advisories/Bypassing-process-identification-serveral-personal-firewalls-HIPS.php

🔗 http://www.securityfocus.com/archive/1/454522/100/0/threaded

🔗 http://www.securityfocus.com/bid/21615

相关漏洞威胁

CVE-2006-720710.0

Buffer overflow in ageet AGEphone before 1.4.0 might allow remote attackers to have an unknown impact via unspecified vectors.

CVE-2006-527810.0

Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Mana...

CVE-2006-719810.0

Unspecified vulnerability in IBM WebSphere Application Server (WAS) before 5.1.1.14, and WAS for z/OS 601 before 6.0.2.13, has unk...

CVE-2006-526810.0

Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via vectors ...