CVE-2006-6619

AVG Anti-Virus plus Firewall 7.5.431 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-6619. PoCs published by Matousec Transparent security.

AI-analyzed exploit summary This is a vulnerability writeup describing a process-spoofing issue affecting multiple firewall and HIPS products. The vulnerability allows an attacker to make a malicious program appear as a trusted process, evading detection.

Description

AVG Anti-Virus plus Firewall 7.5.431 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Matousec Transparent security · textdoswindows

https://www.exploit-db.com/exploits/29287

View Code ZIP pw:eip

This is a vulnerability writeup describing a process-spoofing issue affecting multiple firewall and HIPS products. The vulnerability allows an attacker to make a malicious program appear as a trusted process, evading detection.

Classification

Writeup 90%

Attack Type

Other

Complexity

Moderate

Reliability

Theoretical

Target: Multiple vendor firewalls and HIPS (e.g., InfoProcess AntiHook 3.0.0.23, AVG Anti-Virus plus Firewall 7.5.431, Comodo Personal Firewall 2.3.6.81, etc.)

No auth needed

Prerequisites: Access to execute arbitrary programs on the target system

MITRE ATT&CK

T1036 - Masquerading

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Various Sources x_refsource_misc

http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip

Vendor Advisory x_refsource_misc

http://www.matousec.com/info/advisories/Bypassing-process-identification-serveral-personal-firewalls-HIPS.php

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/454522/100/0/threaded

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/21615

Scores

EPSS 0.0094

EPSS Percentile 56.1%

Details

Status published

Products (6)

avg/antivirus_plus_firewall 7.5.431

comodo/comodo_personal_firewall 2.3.6.81

filseclab/personal_firewall 3.0.8686

infoprocess/antihook 3.0.23

soft4ever/look_n_stop 2.05p2

symantec/sygate_personal_firewall 5.6.2808

Published Dec 18, 2006

Tracked Since Feb 18, 2026