Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Comodo Firewall Pro 2.4.18.184 and Comodo Personal Firewall 2.3.6.81, and probably older Comodo Firewall versions, do not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these functions, and bypass firewall rules or gain privileges, via a modified identifier that is one, two, or three greater than the canonical identifier.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Comodo Firewall Pro 和Comodo Personal Firewall API函数安全权限漏洞
Vulnerability Description
Comodo Firewall Pro 和Comodo Personal Firewall以及可能更早的Comodo Firewall版本没有为NT kernel 5.0中的特定的Microsoft Windows API函数的进程标示符进行正确的等值测试,这使得本地用户可以借助一个畸形的标示符,调用这些函数和绕过防火墙规则或获得特权。这些畸形的标示符比标准标示符大一、二或三。
CVSS Information
N/A
Vulnerability Type
N/A