Vulnerabilities > CVE-2006-6619

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
avg
comodo
filseclab
infoprocess
soft4ever
symantec
exploit available
NVD
Published: 2006-12-18
Updated: 2018-10-17

Summary

AVG Anti-Virus plus Firewall 7.5.431 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.

Vulnerable Configurations

Part Description Count
Application
Avg
1
Application
Comodo
1
Application
Filseclab
1
Application
Infoprocess
1
Application
Soft4Ever
1
Application
Symantec
1

Exploit-Db

descriptionMultiple Vendor Firewall HIPS Process Spoofing Vulnerability. CVE-2006-6619. Dos exploit for windows platform
idEDB-ID:29287
last seen2016-02-03
modified2006-12-15
published2006-12-15
reporterMatousec Transparent security
sourcehttps://www.exploit-db.com/download/29287/
titleMultiple Vendor Firewall HIPS Process Spoofing Vulnerability

References