Vulnerability Description
Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.17.183 and earlier uses a weak cryptographic hashing function (CRC32) to identify trusted modules, which allows local users to bypass security protections by substituting modified modules that have the same CRC32 value.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Comodo | Comodo Firewall Pro | <= 2.4.17.183 |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052461.html
- http://osvdb.org/45243
- http://securityreason.com/securityalert/2279
- http://www.matousec.com/info/advisories/Comodo-DLL-injection-via-weak-hash-funct
- http://www.securityfocus.com/archive/1/460209/100/100/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32530
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052461.html
- http://osvdb.org/45243
- http://securityreason.com/securityalert/2279
- http://www.matousec.com/info/advisories/Comodo-DLL-injection-via-weak-hash-funct
- http://www.securityfocus.com/archive/1/460209/100/100/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32530
FAQ
What is CVE-2007-1051?
CVE-2007-1051 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.17.183 and earlier uses a weak cryptographic hashing function (CRC32) to identify trusted modules, which allows local users to bypass securi...
How severe is CVE-2007-1051?
CVE-2007-1051 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1051?
Check the references section above for vendor advisories and patch information. Affected products include: Comodo Comodo Firewall Pro.