Computer Security
[EN] no-pyccku

Multiple personal firewalls uncommon process identifier protection bypass
SecurityVulns ID:7718
Threat Level:
Description:Two lower bits of process identifier are not ignored in hooked OpenProcess functions, making it possible to access protected application by using process id no divisible by 4.
Affected:COMODO : Comodo Firewall Pro 2.4
 COMODO : Comodo Personal Firewall 2.3
 ZONELABS : ZoneAlarm Pro 6.1
Original documentdocumentMatousec - Transparent security Research, Bypassing PFW/HIPS open process control with uncommon identifier (16.05.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod