CVE-2006-6620

CVSS 7.2 - HIGH

Description

Comodo Personal Firewall 2.3.6.81 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.

Affected Products

6

Vendor	Product	Version
avg	antivirus_plus_firewall	`7.5.431`
comodo	comodo_personal_firewall	`2.3.6.81`
filseclab	personal_firewall	`3.0.8686`
infoprocess	antihook	`3.0.23`
soft4ever	look_n_stop	`2.05p2`
symantec	sygate_personal_firewall	`5.6.2808`

References

http://www.matousec.com/downloads/windows-personal...

http://www.matousec.com/info/advisories/Bypassing-...

http://www.securityfocus.com/archive/1/454522/100/...

http://www.securityfocus.com/bid/21615

http://www.matousec.com/downloads/windows-personal...

http://www.matousec.com/info/advisories/Bypassing-...

http://www.securityfocus.com/archive/1/454522/100/...

http://www.securityfocus.com/bid/21615

Weakness Types

NVD-CWE-Other

CVE Information

CVE ID:: CVE-2006-6620
Published:: 2006-12-18
Modified:: 2026-04-23
CVSS Score:: 7.2
Severity:: HIGH
Vector:: AV:L/AC:L/Au:N/C:C/I:C/A:C

Affected Vendors

avg filseclab symantec comodo soft4ever infoprocess

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL