Required CVE Record Information
Description
Comodo Firewall Pro before 3.0 does not properly validate certain parameters to hooked System Service Descriptor Table (SSDT) functions, which allows local users to cause a denial of service (system crash) via (1) a crafted OBJECT_ATTRIBUTES structure in a call to the NtDeleteFile function, which leads to improper validation of a ZwQueryObject result; and unspecified calls to the (2) NtCreateFile and (3) NtSetThreadContext functions, different vectors than CVE-2007-0709.
References 9 Total
- vupen.com: ADV-2008-1383 vdb-entry
- secunia.com: 30006 third-party-advisory
- http://www.personalfirewall.comodo.com/release_notes.html
- securityreason.com: 3838 third-party-advisory
- securityfocus.com: 28742 vdb-entry
- http://www.coresecurity.com/?action=item&id=2249
- securitytracker.com: 1019944 vdb-entry
- exchange.xforce.ibmcloud.com: comodo-ssdt-dos(42082) vdb-entry
- securityfocus.com: 20080428 CORE-2008-0320 - Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls mailing-list
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 9 Total
- vupen.com: ADV-2008-1383 vdb-entryx_transferred
- secunia.com: 30006 third-party-advisoryx_transferred
- http://www.personalfirewall.comodo.com/release_notes.html x_transferred
- securityreason.com: 3838 third-party-advisoryx_transferred
- securityfocus.com: 28742 vdb-entryx_transferred
- http://www.coresecurity.com/?action=item&id=2249 x_transferred
- securitytracker.com: 1019944 vdb-entryx_transferred
- exchange.xforce.ibmcloud.com: comodo-ssdt-dos(42082) vdb-entryx_transferred
- securityfocus.com: 20080428 CORE-2008-0320 - Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls mailing-listx_transferred