What is the severity of CVE-2006-6618?

CVE-2006-6618 is classified as a medium severity vulnerability.

How do I fix CVE-2006-6618?

To mitigate CVE-2006-6618, update AntiHook to the latest version or use alternative security software with stronger process identification mechanisms.

Who is affected by CVE-2006-6618?

CVE-2006-6618 affects users of AntiHook version 3.0.0.23 and other specific firewall software listed in the vulnerability description.

What types of attacks can exploit CVE-2006-6618?

Attackers can exploit CVE-2006-6618 to bypass security controls on processes by spoofing process identification fields.

Is CVE-2006-6618 still a concern today?

While CVE-2006-6618 was reported in 2006, its relevance depends on the continued use of outdated versions of affected software.

Vulnerability/
CVE-2006-6618

high

7.2

CWE

NVD-CWE-Other

18/12/2006

17/10/2018

CVE-2006-6618

First published: Mon Dec 18 2006(Updated: )

AntiHook 3.0.0.23 - Desktop relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Look 'n' Stop Firewall	=2.05p2
AVG Antivirus Plus Firewall	=7.5.431
Comodo Firewall Pro	=2.3.6.81
Infoprocess Antihook	=3.0.23
Sygate Technologies	=5.6.2808
Filseclab Personal Firewall	=3.0.8686

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2006-6618?
CVE-2006-6618 is classified as a medium severity vulnerability.
How do I fix CVE-2006-6618?
To mitigate CVE-2006-6618, update AntiHook to the latest version or use alternative security software with stronger process identification mechanisms.
Who is affected by CVE-2006-6618?
CVE-2006-6618 affects users of AntiHook version 3.0.0.23 and other specific firewall software listed in the vulnerability description.
What types of attacks can exploit CVE-2006-6618?
Attackers can exploit CVE-2006-6618 to bypass security controls on processes by spoofing process identification fields.
Is CVE-2006-6618 still a concern today?
While CVE-2006-6618 was reported in 2006, its relevance depends on the continued use of outdated versions of affected software.

agent/references
agent/type
agent/first-publish-date
agent/last-modified-date
agent/severity
agent/weakness
agent/author
agent/description
agent/event
agent/softwarecombine
agent/tags
collector/nvd-historical
vendor/soft4ever
product/look n stop
canonical/soft4ever look n stop
vendor/avg
product/antivirus plus firewall
canonical/avg antivirus plus firewall
vendor/comodo
product/comodo personal firewall
canonical/comodo comodo personal firewall
vendor/infoprocess
product/antihook
canonical/infoprocess antihook
vendor/symantec
product/sygate personal firewall
canonical/symantec sygate personal firewall
vendor/filseclab
product/personal firewall
canonical/filseclab personal firewall
agent/software-canonical-lookup-request
collector/nvd-index
canonical/look 'n' stop firewall
version/look 'n' stop firewall/2.05p2
version/avg antivirus plus firewall/7.5.431
canonical/comodo firewall pro
version/comodo firewall pro/2.3.6.81
version/infoprocess antihook/3.0.23
canonical/sygate technologies
version/sygate technologies/5.6.2808
version/filseclab personal firewall/3.0.8686

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.