Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-6619

4 documents4 sources
Severity
7.2HIGH
EPSS
0.2%
top 63.75%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
6
AVG Antivirus Plus FirewallComodo Comodo Personal FirewallFilseclab Personal Firewall+3 more
Timeline
PublishedDec 18
Latest updateMay 1

Description

AVG Anti-Virus plus Firewall 7.5.431 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages6 packages

🔴Vulnerability Details

2
GHSA
GHSA-47f8-wcf5-f9q4: AVG Anti-Virus plus Firewall 72022-05-01
CVEList
CVE-2006-6619: AVG Anti-Virus plus Firewall 72006-12-18

💥Exploits & PoCs

1
Exploit-DB
Multiple Vendor Firewall - HIPS Process Spoofing2006-12-15
CVE-2006-6619 (HIGH CVSS 7.2) | AVG Anti-Virus plus Firewall 7.5.43 | cvebase.io