VAR-200702-0515
Vulnerability from variot - Updated: 2023-12-18 11:11Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.17.183 and earlier uses a weak cryptographic hashing function (CRC32) to identify trusted modules, which allows local users to bypass security protections by substituting modified modules that have the same CRC32 value. Comodo Firewall Pro is prone to a local security vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200702-0515",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "firewall pro",
"scope": "lte",
"trust": 1.8,
"vendor": "comodo",
"version": "2.4.17.183"
},
{
"model": "firewall pro",
"scope": "eq",
"trust": 0.9,
"vendor": "comodo",
"version": "2.4.17.183"
}
],
"sources": [
{
"db": "BID",
"id": "86612"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001595"
},
{
"db": "NVD",
"id": "CVE-2007-1051"
},
{
"db": "CNNVD",
"id": "CNNVD-200702-362"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:comodo:comodo_firewall_pro:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.4.17.183",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1051"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "86612"
}
],
"trust": 0.3
},
"cve": "CVE-2007-1051",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2007-1051",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-24413",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-1051",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200702-362",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-24413",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24413"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001595"
},
{
"db": "NVD",
"id": "CVE-2007-1051"
},
{
"db": "CNNVD",
"id": "CNNVD-200702-362"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.17.183 and earlier uses a weak cryptographic hashing function (CRC32) to identify trusted modules, which allows local users to bypass security protections by substituting modified modules that have the same CRC32 value. Comodo Firewall Pro is prone to a local security vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1051"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001595"
},
{
"db": "BID",
"id": "86612"
},
{
"db": "VULHUB",
"id": "VHN-24413"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-1051",
"trust": 2.8
},
{
"db": "SREASON",
"id": "2279",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "45243",
"trust": 1.7
},
{
"db": "XF",
"id": "32530",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001595",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200702-362",
"trust": 0.7
},
{
"db": "XF",
"id": "32",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20070215 COMODO DLL INJECTION VIA WEAK HASH FUNCTION EXPLOITATION VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20070215 COMODO DLL INJECTION VIA WEAK HASH FUNCTION EXPLOITATION VULNERABILITY",
"trust": 0.6
},
{
"db": "BID",
"id": "86612",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-24413",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24413"
},
{
"db": "BID",
"id": "86612"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001595"
},
{
"db": "NVD",
"id": "CVE-2007-1051"
},
{
"db": "CNNVD",
"id": "CNNVD-200702-362"
}
]
},
"id": "VAR-200702-0515",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-24413"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:11:48.744000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://personalfirewall.comodo.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001595"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1051"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-february/052461.html"
},
{
"trust": 2.0,
"url": "http://www.matousec.com/info/advisories/comodo-dll-injection-via-weak-hash-function-exploitation.php"
},
{
"trust": 2.0,
"url": "http://securityreason.com/securityalert/2279"
},
{
"trust": 1.7,
"url": "http://osvdb.org/45243"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/460209/100/100/threaded"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32530"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/xforce/xfdb/32530"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/archive/1/archive/1/460209/100/100/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1051"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-1051"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24413"
},
{
"db": "BID",
"id": "86612"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001595"
},
{
"db": "NVD",
"id": "CVE-2007-1051"
},
{
"db": "CNNVD",
"id": "CNNVD-200702-362"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-24413"
},
{
"db": "BID",
"id": "86612"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001595"
},
{
"db": "NVD",
"id": "CVE-2007-1051"
},
{
"db": "CNNVD",
"id": "CNNVD-200702-362"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-21T00:00:00",
"db": "VULHUB",
"id": "VHN-24413"
},
{
"date": "2007-02-21T00:00:00",
"db": "BID",
"id": "86612"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001595"
},
{
"date": "2007-02-21T23:28:00",
"db": "NVD",
"id": "CVE-2007-1051"
},
{
"date": "2007-02-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200702-362"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-24413"
},
{
"date": "2007-02-21T00:00:00",
"db": "BID",
"id": "86612"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001595"
},
{
"date": "2018-10-16T16:36:30.093000",
"db": "NVD",
"id": "CVE-2007-1051"
},
{
"date": "2007-02-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200702-362"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "86612"
},
{
"db": "CNNVD",
"id": "CNNVD-200702-362"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Comodo Firewall Pro Vulnerabilities that prevent security protection",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001595"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200702-362"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…