CyberSec.Space Logo
返回 CVE 浏览器

CVE-2007-1051

MEDIUM
4.6
CVSS Severity Score
EPSS Score0.1830%
EPSS Percentile29.08th
Published2007年2月21日
Last Modified2026年4月23日

Vulnerability Description

Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.17.183 and earlier uses a weak cryptographic hashing function (CRC32) to identify trusted modules, which allows local users to bypass security protections by substituting modified modules that have the same CRC32 value.

Affected Platforms (CPE)

📦
Comodo

Comodo Firewall Pro

<= 2.4.17.183

References & Advisories

🔗 http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052461.html
🔗 http://osvdb.org/45243
🔗 http://securityreason.com/securityalert/2279
🔗 http://www.matousec.com/info/advisories/Comodo-DLL-injection-via-weak-hash-function-exploitation.php
🔗 http://www.securityfocus.com/archive/1/460209/100/100/threaded
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/32530
🔗 http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052461.html
🔗 http://osvdb.org/45243

相关漏洞威胁

CVE-2007-07087.2

cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) before 2.4.16.174 does not validate arguments that originate...

CVE-2007-07097.2

cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.16.174 and earlier does not validate arguments that orig...

CVE-2007-27297.2

Comodo Firewall Pro 2.4.18.184 and Comodo Personal Firewall 2.3.6.81, and probably older Comodo Firewall versions, do not properly...

CVE-2008-17367.2

Comodo Firewall Pro before 3.0 does not properly validate certain parameters to hooked System Service Descriptor Table (SSDT) func...