CVE-2006-6620

3 documents3 sources

Severity

7.2HIGH

EPSS

0.1%

top 81.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

AVG Antivirus Plus Firewall Comodo Comodo Personal Firewall Filseclab Personal Firewall +3 more

Timeline

PublishedDec 18

Latest updateMay 1

Description

Comodo Personal Firewall 2.3.6.81 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages6 packages

▶NVDinfoprocess/antihook3.0.23

▶NVDcomodo/comodo_personal_firewall2.3.6.81

▶NVDfilseclab/personal_firewall3.0.8686

▶NVDsymantec/sygate_personal_firewall5.6.2808

▶NVDavg/antivirus_plus_firewall7.5.431

🔴Vulnerability Details

GHSA

GHSA-32wg-h523-82pp: Comodo Personal Firewall 2↗2022-05-01

▶

CVEList

CVE-2006-6620: Comodo Personal Firewall 2↗2006-12-18

▶