Lucene search

Kaspersky LabKLA10123

HistoryAug 25, 2012 - 12:00 a.m.

KLA10123 SB vulnerability in Comodo Internet Security

2012-08-2500:00:00

Kaspersky Lab

threats.kaspersky.com

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Race conditions were found in Comodo Internet Security. By exploiting this vulnerability malicious users can bypass Defence+. This vulnerability can be exploited from the network at a point related to unknown.

Original advisories

Comodo release notes

Related products

Comodo-Internet-Security

CVE list

CVE-2011-5118 warning

Solution

Update to latest version

Impacts

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

Affected Products

Comodo Internet Security versions 5.8.211697 and earlier

References

personalfirewall.comodo.com/release_notes.html

statistics.securelist.com/

threats.kaspersky.com/en/product/Comodo-Internet-Security/

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for KLA10123