CVE-2006-6621

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

18/12/2006

Last modified:

09/04/2025

Description

Filseclab Personal Firewall 3.0.0.8686 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product&#39;s controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.

Impact

Vector 2.0

AV:L/AC:L/Au:N/C:C/I:C/A:C CVSS v2.0 Severity and Metrics:

Base Score: 7.20 HIGH
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Attack Vector (AV): Local
Attack Complexity (AC): Low
Authentication (Au): None
Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete

Base Score 2.0

7.20

Severity 2.0

HIGH

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:a:avg:antivirus_plus_firewall:7.5.431:::::::*
cpe:2.3:a:comodo:comodo_personal_firewall:2.3.6.81:::::::*
cpe:2.3:a:filseclab:personal_firewall:3.0.8686:::::::*
cpe:2.3:a:infoprocess:antihook:3.0.23:::::::*
cpe:2.3:a:soft4ever:look_n_stop:2.05p2:::::::*
cpe:2.3:a:symantec:sygate_personal_firewall:5.6.2808:::::::*

To consult the complete list of CPE names with products and versions, see this page

CPE	From	Up to
cpe:2.3:a:avg:antivirus_plus_firewall:7.5.431:::::::*
cpe:2.3:a:comodo:comodo_personal_firewall:2.3.6.81:::::::*
cpe:2.3:a:filseclab:personal_firewall:3.0.8686:::::::*
cpe:2.3:a:infoprocess:antihook:3.0.23:::::::*
cpe:2.3:a:soft4ever:look_n_stop:2.05p2:::::::*
cpe:2.3:a:symantec:sygate_personal_firewall:5.6.2808:::::::*

CVE-2006-6621

Description

Impact

Vulnerable products and versions

References to Advisories, Solutions, and Tools