Vulnerabilities > CVE-2007-1051 - Local Security vulnerability in Comodo Firewall Pro
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.17.183 and earlier uses a weak cryptographic hashing function (CRC32) to identify trusted modules, which allows local users to bypass security protections by substituting modified modules that have the same CRC32 value.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052461.html
- http://osvdb.org/45243
- http://securityreason.com/securityalert/2279
- http://www.matousec.com/info/advisories/Comodo-DLL-injection-via-weak-hash-function-exploitation.php
- http://www.securityfocus.com/archive/1/460209/100/100/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32530