Comodo: >> Comodo Firewall Pro >> 2.4.16.174 Security Vulnerabilities
Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\SYSTEM\Software\Comodo\Personal Firewall registry key by guessing the name of a named pipe under \Device\NamedPipe\OLE and attempting to open it multiple times.
CVSS Score
4.4
EPSS Score
0.002
Published
2007-03-07
cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) before 2.4.16.174 does not validate arguments that originate in user mode for the (1) NtConnectPort and (2) NtCreatePort hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments.
CVSS Score
7.2
EPSS Score
0.002
Published
2007-02-04