Matousec Transparent security

12 exploits Active since Jun 2006
CVE-2007-0333 EXPLOITDB text WRITEUP
Agnitum Outpost Firewall PRO 4.0 - Privilege Escalation
Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product's installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys.
CVE-2007-0081 EXPLOITDB text WRITEUP
Sunbelt Kerio Personal Firewall <4.3.268-4.3.246 - Local Privilege ...
Sunbelt Kerio Personal Firewall (SKPF) 4.3.268 and 4.3.246, and possibly other versions allows local users to provide a Trojan horse iphlpapi.dll to SKPF by placing it in the installation directory.
CVE-2006-3074 EXPLOITDB text WRITEUP
Kaspersky Internet Security/KAV <7.0 - Local Privilege Escalation
klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess.
EIP-2026-116983 EXPLOITDB text WRITEUP
Comodo Firewall 2.3/2.4 - Flawed Component Control Cryptographic Hash
CVE-2007-1330 EXPLOITDB text WRITEUP
Comodo Firewall Pro <2.4.18.184 - Privilege Escalation
Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\SYSTEM\Software\Comodo\Personal Firewall registry key by guessing the name of a named pipe under \Device\NamedPipe\OLE and attempting to open it multiple times.
CVE-2007-2083 EXPLOITDB c WORKING POC
ZoneAlarm Pro < 7.0.302.000 - Denial of Service or Arbitrary Code Execution via NtCreateKey and NtDeleteFile SSDT Hooks
vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions.
CVE-2006-5721 EXPLOITDB text WRITEUP
Outpost Firewall PRO 4.0 (964.582.059) - Denial of Service via SandBox Driver DeviceIoControl
The \Device\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation.
CVE-2006-6619 EXPLOITDB text WRITEUP
AVG Anti-Virus plus Firewall 7.5.431 - Privilege Escalation
AVG Anti-Virus plus Firewall 7.5.431 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.
CVE-2007-0708 EXPLOITDB c WORKING POC
Comodo Firewall Pro <2.4.16.174 - DoS
cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) before 2.4.16.174 does not validate arguments that originate in user mode for the (1) NtConnectPort and (2) NtCreatePort hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments.
EIP-2026-103785 EXPLOITDB text SUSPICIOUS
Multiple Personal Firewall Products - Local Protection Mechanism Bypass
CVE-2006-7129 EXPLOITDB text WRITEUP
ISS BlackICE PC Protection <3.6 - Auth Bypass
ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files.
CVE-2007-3086 EXPLOITDB c WORKING POC
Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier - Denial of Service via outpost_ipc_hdr Mutex Capture
Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex.