Vulnerabilities > CVE-2007-1330 - Local Protection Mechanism Bypass vulnerability in Comodo Firewall PRO 2.4.16.174/2.4.17.183/2.4.18.184
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\SYSTEM\Software\Comodo\Personal Firewall registry key by guessing the name of a named pipe under \Device\NamedPipe\OLE and attempting to open it multiple times.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Exploit-Db
| description | Comodo Firewall Pro 2.4.x Local Protection Mechanism Bypass Vulnerability. CVE-2007-1330. Local exploit for windows platform |
| id | EDB-ID:29695 |
| last seen | 2016-02-03 |
| modified | 2007-03-01 |
| published | 2007-03-01 |
| reporter | Matousec Transparent security |
| source | https://www.exploit-db.com/download/29695/ |
| title | Comodo Firewall Pro 2.4.x - Local Protection Mechanism Bypass Vulnerability |
References
- http://osvdb.org/34957
- http://securityreason.com/securityalert/2388
- http://www.matousec.com/info/advisories/Comodo-Bypassing-settings-protection-using-magic-pipe.php
- http://www.securityfocus.com/archive/1/461635/100/0/threaded
- http://www.securityfocus.com/bid/22775
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32771