First published: Mon Dec 18 2006(Updated: )
Sygate Personal Firewall 5.6.2808 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
AVG Antivirus Plus Firewall | =7.5.431 | |
Comodo Firewall Pro | =2.3.6.81 | |
Filseclab Personal Firewall | =3.0.8686 | |
Infoprocess Antihook | =3.0.23 | |
Look 'n' Stop Firewall | =2.05p2 | |
Sygate Technologies | =5.6.2808 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2006-6623 is considered a medium severity vulnerability due to its potential to allow local users to bypass security controls.
To mitigate CVE-2006-6623, you should update to the latest version of Sygate Personal Firewall or consider alternative security solutions.
CVE-2006-6623 affects users of Symantec Sygate Personal Firewall version 5.6.2808 and other personal firewall software that relies on the Process Environment Block.
The impact of CVE-2006-6623 allows local users to manipulate process identification, potentially leading to unauthorized access or security breaches.
There are no known workarounds for CVE-2006-6623 other than upgrading to a patched version of the affected firewall software.