CVE-2006-6623

3 documents3 sources

Severity

7.2HIGH

EPSS

0.1%

top 81.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

AVG Antivirus Plus Firewall Comodo Comodo Personal Firewall Filseclab Personal Firewall +3 more

Timeline

PublishedDec 18

Latest updateMay 1

Description

Sygate Personal Firewall 5.6.2808 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages6 packages

▶NVDinfoprocess/antihook3.0.23

▶NVDsymantec/sygate_personal_firewall5.6.2808

▶NVDfilseclab/personal_firewall3.0.8686

▶NVDcomodo/comodo_personal_firewall2.3.6.81

▶NVDavg/antivirus_plus_firewall7.5.431

🔴Vulnerability Details

GHSA

GHSA-63q6-7688-27w9: Sygate Personal Firewall 5↗2022-05-01

▶

CVEList

CVE-2006-6623: Sygate Personal Firewall 5↗2006-12-18

▶