Remote denial of service in Comodo Internet Security's Inspect.sys firewall driver lets an unauthenticated attacker crash any Windows host running the product by sending a single crafted IPv6 packet, even when all ports are blocked at the firewall. The flaw is an integer underflow (CWE-191) in IPv6 extension-header parsing that occurs before firewall rule enforcement, producing an out-of-bounds read and an oversized memcpy at DISPATCH_LEVEL and an immediate BSOD. Publicly available exploit code exists, published alongside MalwareTech's technical writeup and a working PoC named ComoDoS.
Microsoft
Integer Overflow
Buffer Overflow
Comodo Internet Security
NVD
GitHub
VulDB
CVSS 4.0
8.7
EPSS
0.1%