CVE-2007-0708

CVSS 7.2 - HIGH
Description

cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) before 2.4.16.174 does not validate arguments that originate in user mode for the (1) NtConnectPort and (2) NtCreatePort hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments.

Affected Products
1
Vendor Product Version
comodo comodo_firewall_pro 2.4.16.174
References
http://securitytracker.com/id?1017580
http://www.matousec.com/info/advisories/Comodo-Mul...
http://www.securityfocus.com/archive/1/458773/100/...
http://www.securityfocus.com/bid/22357
https://exchange.xforce.ibmcloud.com/vulnerabiliti...
http://securitytracker.com/id?1017580
http://www.matousec.com/info/advisories/Comodo-Mul...
http://www.securityfocus.com/archive/1/458773/100/...
http://www.securityfocus.com/bid/22357
https://exchange.xforce.ibmcloud.com/vulnerabiliti...
Weakness Types
NVD-CWE-Other
CVE Information
CVE ID:
CVE-2007-0708
Published:
2007-02-04
Modified:
2026-04-23
CVSS Score:
7.2
Severity:
HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Vendors
comodo
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL