Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2006-6620

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-18 Dec, 2006 | 11:00
Updated At-07 Aug, 2024 | 20:33
Rejected At-
Credits

Comodo Personal Firewall 2.3.6.81 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:18 Dec, 2006 | 11:00
Updated At:07 Aug, 2024 | 20:33
Rejected At:
▼CVE Numbering Authority (CNA)

Comodo Personal Firewall 2.3.6.81 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.matousec.com/info/advisories/Bypassing-process-identification-serveral-personal-firewalls-HIPS.php
x_refsource_MISC
http://www.securityfocus.com/archive/1/454522/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://www.securityfocus.com/bid/21615
vdb-entry
x_refsource_BID
http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip
x_refsource_MISC
Hyperlink: http://www.matousec.com/info/advisories/Bypassing-process-identification-serveral-personal-firewalls-HIPS.php
Resource:
x_refsource_MISC
Hyperlink: http://www.securityfocus.com/archive/1/454522/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.securityfocus.com/bid/21615
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.matousec.com/info/advisories/Bypassing-process-identification-serveral-personal-firewalls-HIPS.php
x_refsource_MISC
x_transferred
http://www.securityfocus.com/archive/1/454522/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.securityfocus.com/bid/21615
vdb-entry
x_refsource_BID
x_transferred
http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip
x_refsource_MISC
x_transferred
Hyperlink: http://www.matousec.com/info/advisories/Bypassing-process-identification-serveral-personal-firewalls-HIPS.php
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/454522/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.securityfocus.com/bid/21615
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:18 Dec, 2006 | 11:28
Updated At:17 Oct, 2018 | 21:49

Comodo Personal Firewall 2.3.6.81 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
avg
avg
>>antivirus_plus_firewall>>7.5.431
cpe:2.3:a:avg:antivirus_plus_firewall:7.5.431:*:*:*:*:*:*:*
comodo
comodo
>>comodo_personal_firewall>>2.3.6.81
cpe:2.3:a:comodo:comodo_personal_firewall:2.3.6.81:*:*:*:*:*:*:*
filseclab
filseclab
>>personal_firewall>>3.0.8686
cpe:2.3:a:filseclab:personal_firewall:3.0.8686:*:*:*:*:*:*:*
infoprocess
infoprocess
>>antihook>>3.0.23
cpe:2.3:a:infoprocess:antihook:3.0.23:*:*:*:*:*:*:*
soft4ever
soft4ever
>>look_n_stop>>2.05p2
cpe:2.3:a:soft4ever:look_n_stop:2.05p2:*:*:*:*:*:*:*
Symantec Corporation
symantec
>>sygate_personal_firewall>>5.6.2808
cpe:2.3:a:symantec:sygate_personal_firewall:5.6.2808:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zipcve@mitre.org
N/A
http://www.matousec.com/info/advisories/Bypassing-process-identification-serveral-personal-firewalls-HIPS.phpcve@mitre.org
Vendor Advisory
http://www.securityfocus.com/archive/1/454522/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/21615cve@mitre.org
N/A
Hyperlink: http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.matousec.com/info/advisories/Bypassing-process-identification-serveral-personal-firewalls-HIPS.php
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/archive/1/454522/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/21615
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

53Records found
CVE-2017-15534
Matching Score-8
Assigner-Symantec - A Division of Broadcom
ShareView Details
Matching Score-8
Assigner-Symantec - A Division of Broadcom
CVSS Score-6.7||MEDIUM
EPSS-0.17% / 38.29%
||
7 Day CHG~0.00%
Published-26 Mar, 2018 | 16:00
Updated-16 Sep, 2024 | 17:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Norton App Lock prior to version 1.3.0.13 can be susceptible to an authentication bypass exploit. In this type of circumstance, the exploit can allow the user to kill the app to prevent it from locking the device, thereby allowing the individual to gain device access.

Action-Not Available
Vendor-Symantec Corporation
Product-norton_app_lockNorton App Lock
CWE ID-CWE-287
Improper Authentication
CVE-2022-34008
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.50%
||
7 Day CHG~0.00%
Published-21 Jun, 2022 | 14:20
Updated-03 Aug, 2024 | 08:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. To escalate privilege, a low-privileged attacker can use an NTFS directory junction to restore a malicious DLL from quarantine into the System32 folder.

Action-Not Available
Vendor-comodon/a
Product-antivirusn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2003-0994
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 23.24%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The GUI functionality for an interactive session in Symantec LiveUpdate 1.70.x through 1.90.x, as used in Norton Internet Security 2001 through 2004, SystemWorks 2001 through 2004, and AntiVirus and Norton AntiVirus Pro 2001 through 2004, AntiVirus for Handhelds v3.0, allows local users to gain SYSTEM privileges.

Action-Not Available
Vendor-n/aSymantec Corporation
Product-norton_internet_securitynorton_antivirusnorton_system_workswindows_liveupdaten/a
  • Previous
  • 1
  • 2
  • Next
Details not found