VYPR
Unrated severityNVD Advisory· Published Feb 4, 2007· Updated Jun 16, 2026

CVE-2007-0709

CVE-2007-0709

Description

cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.16.174 and earlier does not validate arguments that originate in user mode for the (1) NtCreateSection, (2) NtOpenProcess, (3) NtOpenSection, (4) NtOpenThread, and (5) NtSetValueKey hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments.

Affected products

2
  • cpe:2.3:a:comodo:comodo_firewall_pro:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:comodo:comodo_firewall_pro:*:*:*:*:*:*:*:*range: <=2.4.16.174
    • (no CPE)range: <=2.4.16.174

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.