The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| aladdin | esafe | 7.0.17.0 |
| nprotect | nprotect_antivirus | 2011-01-17.01 |
| emsisoft | anti-malware | 5.1.0.1 |
| mcafee | scan_engine | 5.400.0.1158 |
| softwin | bitdefender | 7.2 |
| mcafee | gateway | 2010.1c |
| comodo | comodo_antivirus | 7424 |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 |
| f-secure | f-secure_anti-virus | 9.0.16160.0 |
The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \19\04\00\10 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| aladdin | esafe | 7.0.17.0 |
| sophos | sophos_anti-virus | 4.61.0 |
| nprotect | nprotect_antivirus | 2011-01-17.01 |
| bitdefender | bitdefender | 7.2 |
| f-secure | anti-virus | 9.0.16160.0 |
| rising-global | rising_antivirus | 22.83.00.03 |
| mcafee | scan_engine | 5.400.0.1158 |
| mcafee | gateway | 2010.1c |
| comodo | comodo_antivirus | 7424 |
The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \4a\46\49\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| aladdin | esafe | 7.0.17.0 |
| sophos | sophos_anti-virus | 4.61.0 |
| nprotect | nprotect_antivirus | 2011-01-17.01 |
| bitdefender | bitdefender | 7.2 |
| rising-global | rising_antivirus | 22.83.00.03 |
| mcafee | gateway | 2010.1c |
| comodo | comodo_antivirus | 7424 |
| f-prot | f-prot_antivirus | 4.6.2.117 |
| authentium | command_antivirus | 5.2.11.5 |
| f-secure | f-secure_anti-virus | 9.0.16160.0 |
The Microsoft Office file parser in Comodo Antivirus 7425 allows remote attackers to bypass malware detection via an Office file with a \50\4B\53\70\58 character sequence at a certain location.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | comodo_antivirus | 7425 |
The Microsoft Office file parser in Comodo Antivirus 7425 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via an Office file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Office parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sophos | sophos_anti-virus | 4.61.0 |
| comodo | comodo_antivirus | 7425 |
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| rising-global | rising_antivirus | 22.83.00.03 |
| mcafee | scan_engine | 5.400.0.1158 |
| antiy | avl_sdk | 2.0.3.7 |
| f-prot | f-prot_antivirus | 4.6.2.117 |
| avira | antivir | 7.11.1.163 |
| avg | avg_anti-virus | 10.0.0.1190 |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 |
| sophos | sophos_anti-virus | 4.61.0 |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 |
| alwil | avast_antivirus | 5.0.677.0 |
| bitdefender | bitdefender | 7.2 |
| emsisoft | anti-malware | 5.1.0.1 |
| ahnlab | v3_internet_security | 2011.01.18.00 |
| alwil | avast_antivirus | 4.8.1351.0 |
| k7computing | antivirus | 9.77.3565 |
| authentium | command_antivirus | 5.2.11.5 |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 |
| pandasecurity | panda_antivirus | 10.0.2.7 |
| aladdin | esafe | 7.0.17.0 |
| eset | nod32_antivirus | 5795 |
| anti-virus | vba32 | 3.12.14.2 |
| pc_tools | pc_tools_antivirus | 7.0.3.5 |
| jiangmin | jiangmin_antivirus | 13.0.900 |
| mcafee | gateway | 2010.1c |
| microsoft | security_essentials | 2.0 |
| clamav | clamav | 0.96.4 |
| fortinet | fortinet_antivirus | 4.2.254.0 |
| f-secure | f-secure_anti-virus | 9.0.16160.0 |
| trendmicro | housecall | 9.120.0.1004 |
| nprotect | nprotect_antivirus | 2011-01-17.01 |
| symantec | endpoint_protection | 11.0 |
| comodo | comodo_antivirus | 7424 |
| gdata-software | g_data_antivirus | 21 |
| norman | norman_antivirus_&_antispyware | 6.06.12 |
| virusbuster | virusbuster | 13.6.151.0 |
| cat | quick_heal | 11.00 |
The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Panda Antivirus 10.0.2.7, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a TAR file with an appended ZIP file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| aladdin | esafe | 7.0.17.0 |
| eset | nod32_antivirus | 5795 |
| rising-global | rising_antivirus | 22.83.00.03 |
| jiangmin | jiangmin_antivirus | 13.0.900 |
| mcafee | scan_engine | 5.400.0.1158 |
| mcafee | gateway | 2010.1c |
| f-prot | f-prot_antivirus | 4.6.2.117 |
| fortinet | fortinet_antivirus | 4.2.254.0 |
| avg | avg_anti-virus | 10.0.0.1190 |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 |
| sophos | sophos_anti-virus | 4.61.0 |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 |
| trendmicro | housecall | 9.120.0.1004 |
| symantec | endpoint_protection | 11.0 |
| emsisoft | anti-malware | 5.1.0.1 |
| comodo | comodo_antivirus | 7424 |
| norman | norman_antivirus_&_antispyware | 6.06.12 |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 |
| cat | quick_heal | 11.00 |
| pandasecurity | panda_antivirus | 10.0.2.7 |
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| rising-global | rising_antivirus | 22.83.00.03 |
| mcafee | scan_engine | 5.400.0.1158 |
| antiy | avl_sdk | 2.0.3.7 |
| f-prot | f-prot_antivirus | 4.6.2.117 |
| avira | antivir | 7.11.1.163 |
| avg | avg_anti-virus | 10.0.0.1190 |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 |
| sophos | sophos_anti-virus | 4.61.0 |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 |
| alwil | avast_antivirus | 5.0.677.0 |
| bitdefender | bitdefender | 7.2 |
| emsisoft | anti-malware | 5.1.0.1 |
| ahnlab | v3_internet_security | 2011.01.18.00 |
| alwil | avast_antivirus | 4.8.1351.0 |
| k7computing | antivirus | 9.77.3565 |
| authentium | command_antivirus | 5.2.11.5 |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 |
| pandasecurity | panda_antivirus | 10.0.2.7 |
| eset | nod32_antivirus | 5795 |
| anti-virus | vba32 | 3.12.14.2 |
| pc_tools | pc_tools_antivirus | 7.0.3.5 |
| jiangmin | jiangmin_antivirus | 13.0.900 |
| mcafee | gateway | 2010.1c |
| microsoft | security_essentials | 2.0 |
| clamav | clamav | 0.96.4 |
| fortinet | fortinet_antivirus | 4.2.254.0 |
| f-secure | f-secure_anti-virus | 9.0.16160.0 |
| trendmicro | housecall | 9.120.0.1004 |
| nprotect | nprotect_antivirus | 2011-01-17.01 |
| symantec | endpoint_protection | 11.0 |
| comodo | comodo_antivirus | 7424 |
| gdata-software | g_data_antivirus | 21 |
| norman | norman_antivirus_&_antispyware | 6.06.12 |
| virusbuster | virusbuster | 13.6.151.0 |
| cat | quick_heal | 11.00 |
The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| aladdin | esafe | 7.0.17.0 |
| mcafee | scan_engine | 5.400.0.1158 |
| f-prot | f-prot_antivirus | 4.6.2.117 |
| f-secure | f-secure_anti-virus | 9.0.16160.0 |
| nprotect | nprotect_antivirus | 2011-01-17.01 |
| bitdefender | bitdefender | 7.2 |
| ahnlab | v3_internet_security | 2011.01.18.00 |
| comodo | comodo_antivirus | 7424 |
| norman | norman_antivirus_&_antispyware | 6.06.12 |
| authentium | command_antivirus | 5.2.11.5 |
| cat | quick_heal | 11.00 |
| pandasecurity | panda_antivirus | 10.0.2.7 |
Comodo Internet Security before 5.10.228257.2253 on Windows 7 x64 allows local users to cause a denial of service (system crash) via a crafted 32-bit Portable Executable (PE) file with a kernel ImageBase value.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | comodo_internet_security | 5.3.176757.1236 |
| comodo | comodo_internet_security | 3.5.54375.427 |
| comodo | comodo_internet_security | 3.0.24.368 |
| comodo | comodo_internet_security | 3.8.65951.477 |
| comodo | comodo_internet_security | 5.9.219863.2196 |
| comodo | comodo_internet_security | 3.0.15.277 |
| comodo | comodo_internet_security | 5.8.213334.2131 |
| comodo | comodo_internet_security | 3.0.14.276 |
| comodo | comodo_internet_security | 3.0.19.318 |
| comodo | comodo_internet_security | 5.3.181415.1237 |
| comodo | comodo_internet_security | 5.8.211697.2124 |
| comodo | comodo_internet_security | 3.5.53896.424 |
| comodo | comodo_internet_security | 3.0.20.320 |
| comodo | comodo_internet_security | 3.12.111745.560 |
| comodo | comodo_internet_security | 3.0.18.309 |
| comodo | comodo_internet_security | 3.9.95478.509 |
| comodo | comodo_internet_security | 5.0.163652.1142 |
| comodo | comodo_internet_security | 3.0.16.295 |
| comodo | comodo_internet_security | 3.8.64263.468 |
| comodo | comodo_internet_security | 3.10.102363.531 |
| comodo | comodo_internet_security | 3.13.125662.579 |
| comodo | comodo_internet_security | 3.0.25.378 |
| comodo | comodo_internet_security | 3.8.64739.471 |
| comodo | comodo_internet_security | * |
| comodo | comodo_internet_security | 5.3.175888.1227 |
| comodo | comodo_internet_security | 3.0.17.304 |
| comodo | comodo_internet_security | 3.5.55810.432 |
| comodo | comodo_internet_security | 4.1.150349.920 |
| comodo | comodo_internet_security | 3.5.57173.439 |
| comodo | comodo_internet_security | 5.4.189822.1355 |
| comodo | comodo_internet_security | 3.13.121240.574 |
| comodo | comodo_internet_security | 4.0.138377.779 |
| comodo | comodo_internet_security | 3.11.108364.552 |
| comodo | comodo_internet_security | 3.0.22.349 |
| comodo | comodo_internet_security | 5.3.174622.1216 |
| comodo | comodo_internet_security | 4.0.141842.828 |
| comodo | comodo_internet_security | 3.0.23.364 |
| comodo | comodo_internet_security | 5.5.195786.1383 |
| comodo | comodo_internet_security | 3.14.130099.587 |
Comodo GeekBuddy before 4.18.121 does not restrict access to the VNC server, which allows local users to gain privileges by connecting to the server.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | geekbuddy | * |
The bdisk.sys driver in COMODO Backup before 4.4.1.23 allows remote attackers to gain privileges via a crafted device handle, which triggers a NULL pointer dereference.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | backup | * |
Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | unified_threat_management_firewall | * |
Comodo Antivirus through 12.0.0.6870, Comodo Firewall through 12.0.0.6870, and Comodo Internet Security Premium through 12.0.0.6870, with the Comodo Container feature, are vulnerable to Sandbox Escape.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | antivirus | * |
| comodo | firewall | * |
| comodo | internet_security | * |
A use-after-free flaw in the sandbox container implemented in cmdguard.sys in Comodo Antivirus 12.0.0.6870 can be triggered due to a race condition when handling IRP_MJ_CLEANUP requests in the minifilter for directory change notifications. This allows an attacker to cause a denial of service (BSOD) when an executable is run inside the container.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | antivirus | 12.0.0.6870 |
An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. A DLL Preloading vulnerability allows an attacker to implant an unsigned DLL named iLog.dll in a partially unprotected product directory. This DLL is then loaded into a high-privileged service before the binary signature validation logic is loaded, and might bypass some of the self-defense mechanisms.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | comodo_internet_security | * |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the username parameter. Attackers can send POST requests to the login endpoint with script payloads in the username field to execute arbitrary JavaScript in users' browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the comment parameter. Attackers can inject JavaScript code through the admin_profiles endpoint that executes in the browsers of other users who view the affected page.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N | 3.1 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | 2.7.0 |
Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input through admin management parameters. Attackers can inject script payloads in the admin_name, name, and surname parameters via POST requests to the /korugan/admins endpoint, which are stored and executed when administrators access the interface.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N | 3.1 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the newLicense parameter. Attackers can send POST requests to the license activation endpoint with script payloads in the newLicense field to execute arbitrary JavaScript in administrators' browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N | 3.9 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | 2.7.0 |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the organization parameter. Attackers can send POST requests to the korugan/cmclient endpoint with script payloads in the organization parameter to execute arbitrary JavaScript in users' browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the backup schedule interface. Attackers can send POST requests to the backupschedule endpoint with JavaScript code in the BACKUP_RCPTTO parameter to execute arbitrary scripts in users' browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the netmask_addr parameter. Attackers can send POST requests to the netwizard2 endpoint with script payloads in the netmask_addr parameter to execute arbitrary JavaScript in users' browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | 2.7.0 |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the destination parameter. Attackers can send POST requests to the routing endpoint with script payloads in the destination parameter to execute arbitrary JavaScript in users' browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through the source and destination parameters. Attackers can submit POST requests to the policy routing endpoint with script payloads in these parameters to execute arbitrary JavaScript in users' browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | 2.7.0 |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the GATEWAY_GREEN parameter. Attackers can send POST requests to the DHCP configuration endpoint with script payloads to execute arbitrary JavaScript in administrator browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input through the NTP_SERVER_LIST parameter. Attackers can send POST requests to the /korugan/time endpoint with script payloads in the NTP_SERVER_LIST parameter to execute arbitrary JavaScript in users' browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | 2.7.0 |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the ID parameter. Attackers can craft requests to the /manage/ips/rules/ endpoint with script payloads in the ID parameter to execute arbitrary JavaScript in victim browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the ID parameter. Attackers can craft requests to the /manage/ips/appid/ endpoint with script payloads in the ID parameter to execute arbitrary JavaScript in victim browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input to the hotspot_permanent_users endpoint. Attackers can send POST requests with JavaScript payloads in the MACADDRESSES parameter to execute arbitrary scripts in users' browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | 2.7.0 |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input through the device parameter. Attackers can send POST requests to the QoS devices management endpoint with script payloads in the device parameter to execute arbitrary JavaScript in users' browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the protocol parameter. Attackers can send POST requests to the QoS rules management endpoint with JavaScript payloads in the protocol parameter to execute arbitrary code in administrator browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the FWADDRESSES parameter. Attackers can send POST requests to the /korugan/fwgroups endpoint with script payloads to execute arbitrary JavaScript in users' browsers and steal session data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the schedule endpoint. Attackers can submit POST requests with JavaScript payloads in the SCHNAME parameter to execute arbitrary code in administrators' browsers when the schedule page is accessed.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N | 3.9 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the snat endpoint. Attackers can send POST requests with JavaScript payloads in the port or snat_to_ip parameters to execute arbitrary scripts in users' browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains multiple cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through the policyfw endpoint. Attackers can submit POST requests with JavaScript payloads in the mac, target, and remark parameters to execute arbitrary code in administrator browsers or store persistent scripts in the application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through the vpnfw endpoint. Attackers can submit POST requests with script payloads in the target parameter for reflected XSS or the remark parameter for stored XSS to execute arbitrary JavaScript in administrator browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N | 3.9 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains multiple reflected cross-site scripting vulnerabilities in the /korugan/proxyconfig endpoint that allow attackers to inject malicious scripts through POST parameters. Attackers can submit crafted POST requests with JavaScript payloads in parameters like PROXY_PORT, VISIBLE_HOSTNAME, ADMIN_MAIL_ADDRESS, CACHE_MEM, MAX_SIZE, MIN_SIZE, and DST_NOCACHE to execute arbitrary scripts in administrator browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input to the EXCEPTIONSITELIST parameter. Attackers can craft POST requests to the https_exceptions endpoint with script payloads to execute arbitrary JavaScript in users' browsers and steal session data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | 2.7.0 |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the VIRUS_ADMIN parameter. Attackers can send POST requests to the smtpconfig endpoint with script payloads to execute arbitrary JavaScript in the context of an administrator's browser session.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the dnsmasq endpoint. Attackers can send POST requests with script payloads in the TRANSPARENT_SOURCE_BYPASS or TRANSPARENT_DESTINATION_BYPASS parameters to execute arbitrary JavaScript in users' browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the antispyware endpoint. Attackers can send POST requests with JavaScript payloads in the DNSMASQ_WHITELIST or DNSMASQ_BLACKLIST parameters to execute arbitrary code in users' browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | * |
Comodo Dome Firewall 2.7.0 contains multiple reflected cross-site scripting vulnerabilities in the openvpn_users endpoint that allow attackers to inject malicious scripts through POST parameters. Attackers can submit crafted POST requests with script payloads in the username, remotenets, explicitroutes, static_ip, custom_dns, or custom_domain parameters to execute arbitrary JavaScript in users' browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | 2.7.0 |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the openvpn_advanced endpoint. Attackers can inject JavaScript code through the GLOBAL_NETWORKS and GLOBAL_DNS parameters via POST requests to execute arbitrary scripts in users' browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | 2.7.0 |
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the username parameter. Attackers can send POST requests to the vpn_users endpoint with script payloads in the username field to execute arbitrary JavaScript in victim browsers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dome_firewall | 2.7.0 |
Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Local Privilege Escalation due to CmdAgent's handling of COM clients. A local process can bypass the signature check enforced by CmdAgent via process hollowing which can then allow the process to invoke sensitive COM methods in CmdAgent such as writing to the registry with SYSTEM privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | antivirus | * |
Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Cavwp.exe loads Comodo antivirus definition database in unsecured global section objects, allowing a local low privileged process to modify this data directly and change virus signatures.
CVSS 2.0
Severity: LOW
Problem Type: CWE-668,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | antivirus | * |
Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to a local Denial of Service affecting CmdVirth.exe via its LPC port "cmdvrtLPCServerPort". A low privileged local process can connect to this port and send an LPC_DATAGRAM, which triggers an Access Violation due to hardcoded NULLs used for Source parameter in a memcpy operation that is called for this handler. This results in CmdVirth.exe and its child svchost.exe instances to terminate.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | antivirus | * |
Comodo Antivirus versions 12.0.0.6810 and below are vulnerable to Denial of Service affecting CmdAgent.exe via an unprotected section object "<GUID>_CisSharedMemBuff". This section object is exposed by CmdAgent and contains a SharedMemoryDictionary object, which allows a low privileged process to modify the object data causing CmdAgent.exe to crash.
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | antivirus | * |
Comodo Antivirus versions 11.0.0.6582 and below are vulnerable to Denial of Service affecting CmdGuard.sys via its filter port "cmdServicePort". A low privileged process can crash CmdVirth.exe to decrease the port's connection count followed by process hollowing a CmdVirth.exe instance with malicious code to obtain a handle to "cmdServicePort". Once this occurs, a specially crafted message can be sent to "cmdServicePort" using "FilterSendMessage" API. This can trigger an out-of-bounds write if lpOutBuffer parameter in FilterSendMessage API is near the end of specified buffer bounds. The crash occurs when the driver performs a memset operation which uses a size beyond the size of buffer specified, causing kernel crash.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | antivirus | * |
Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. To escalate privilege, a low-privileged attacker can use an NTFS directory junction to restore a malicious DLL from quarantine into the System32 folder.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | antivirus | 12.2.2.8012 |
Comodo Internet Security Pro Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the update mechanism. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-19055.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | internet_security | 12.2.4.8032 |
Comodo Firewall Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Firewall. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cmdagent executable. By creating a symbolic link, an attacker can abuse the application to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21794.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | firewall | 12.2.2.8012 |
Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cmdagent executable. By creating a symbolic link, an attacker can abuse the agent to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22829.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | internet_security | 12.2.4.8032 |
Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cmdagent executable. By creating a symbolic link, an attacker can abuse the agent to create a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22832.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | internet_security | 12.2.4.8032 |
Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cmdagent executable. By creating a symbolic link, an attacker can abuse the agent to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22831.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | internet_security | 12.2.4.8032 |
A vulnerability classified as critical has been found in Comodo Internet Security Premium 12.3.4.8162. This affects an unknown part of the component Update Handler. The manipulation leads to improper certificate validation. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cna@vuldb.com | 3.7 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.2 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-287,CWE-295,CWE-295,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | internet_security | 12.3.4.8162 |
A vulnerability classified as critical was found in Comodo Internet Security Premium 12.3.4.8162. This vulnerability affects unknown code of the file cis_update_x64.xml of the component Manifest File Handler. The manipulation leads to improper validation of integrity check value. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cna@vuldb.com | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-345,CWE-354,CWE-354,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | internet_security | 12.3.4.8162 |
A vulnerability, which was classified as critical, has been found in Comodo Internet Security Premium 12.3.4.8162. This issue affects some unknown processing of the file cis_update_x64.xml of the component Manifest File Handler. The manipulation of the argument binary/params leads to os command injection. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cna@vuldb.com | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-77,CWE-78,CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | internet_security | 12.3.4.8162 |
A vulnerability, which was classified as critical, was found in Comodo Internet Security Premium 12.3.4.8162. Affected is an unknown function of the component File Name Handler. The manipulation of the argument name/folder leads to path traversal. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cna@vuldb.com | 5.6 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.2 | 3.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | internet_security | 12.3.4.8162 |
A vulnerability classified as problematic was found in Comodo Dragon up to 134.0.6998.179. Affected by this vulnerability is an unknown functionality of the component HSTS Handler. The manipulation leads to security check for standard. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.7 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.2 | 1.4 |
| cna@vuldb.com | 3.1 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N | 1.6 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-358,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dragon | * |
A vulnerability, which was classified as problematic, has been found in Comodo Dragon up to 134.0.6998.179. Affected by this issue is some unknown functionality of the component IP DNS Leakage Detector. The manipulation leads to cleartext transmission of sensitive information. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cna@vuldb.com | 3.7 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.2 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-310,CWE-319,CWE-319,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dragon | * |
A vulnerability, which was classified as problematic, was found in Comodo Dragon up to 134.0.6998.179. This affects an unknown part of the component IP DNS Leakage Detector. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cna@vuldb.com | 3.1 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N | 1.6 | 1.4 |
| nvd@nist.gov | 4.7 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N | 1.6 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,CWE-94,CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | dragon | * |