Unrated severityNVD Advisory· Published Feb 4, 2007· Updated Jun 16, 2026
CVE-2007-0709
CVE-2007-0709
Description
cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.16.174 and earlier does not validate arguments that originate in user mode for the (1) NtCreateSection, (2) NtOpenProcess, (3) NtOpenSection, (4) NtOpenThread, and (5) NtSetValueKey hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments.
Affected products
2cpe:2.3:a:comodo:comodo_firewall_pro:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:comodo:comodo_firewall_pro:*:*:*:*:*:*:*:*range: <=2.4.16.174
- (no CPE)range: <=2.4.16.174
Patches
Vulnerability mechanics
References
5- www.securityfocus.com/bid/22357nvdExploit
- www.matousec.com/info/advisories/Comodo-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.phpnvdVendor Advisory
- securitytracker.com/idnvd
- www.securityfocus.com/archive/1/458773/100/0/threadednvd
- exchange.xforce.ibmcloud.com/vulnerabilities/32059nvd
News mentions
0No linked articles in our index yet.