
are vulnerable to a local Denial of Service affecting CmdVirth.exe via its LPC port "cmdvrtLPCServerPort". This DLL is then loaded into a high-privileged service before the binary signature validation logic is loaded, and might bypass some of the self-defense mechanisms.

Comodo Antivirus versions up to 12. A DLL Preloading vulnerability allows an attacker to implant an unsigned DLL named iLog.dll in a partially unprotected product directory. This allows an attacker to cause a denial of service (BSOD) when an executable is run inside the container.

An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. can be triggered due to a race condition when handling IRP_MJ_CLEANUP requests in the minifilter for directory change notifications. Cavwp.exe loads Comodo antivirus definition database in unsecured global section objects, allowing a local low privileged process to modify this data directly and change virus signatures.

A use-after-free flaw in the sandbox container implemented in cmdguard.sys in Comodo Antivirus 12. are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database.
To escalate privilege, a low-privileged attacker can use an NTFS directory junction to restore a malicious DLL from quarantine into the System32 folder.

Comodo Antivirus versions up to 12.


has a quarantine flaw that allows privilege escalation. Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL.

Comodo Antivirus 12.
