CVE-2016-20088

The CVE refers to Comodo Chromodo Browser version 52.15.25.664 with an unquoted service path in the ChromodoUpdater service, which runs with SYSTEM privileges. This allows a local attacker to place a malicious executable in the service path and achieve arbitrary code execution with elevated privi...

📄 Chromodo Browser 45.8.12.391 Same Origin Policy Weakness

This proof of concept demonstrates message passing between two browser windows when opened under the same logical context same origin. It affect Chromodo Browser version 45.8.12.391...

Adamantium-Thief - Decrypt Chromium Based Browsers Passwords, Cookies, Credit Cards, History, Bookmarks

Get chromium browsers: passwords, credit cards, history, cookies, bookmarks. Chrome 80 is supported! Examples: Getpasswords from browsers: Stealer.exe PASSWORDS Get credit cards from browsers: Stealer.exe CREDITCARDS Get history from browsers: Stealer.exe HISTORY Get bookmarks from browsers:...

Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits Exploit Title: Comodo Chromodo Browser Unquoted Service Path Privilege Escalation Date: 03/10/2016 Author: Yunus YILDIRIM @Th3GundY Team: CT-Zer0 @CRYPTTECH Website: http://yildirimyunus.com Contact: email protected Category: local Vendor...

Comodo Chromodo Browser Privilege Escalation

Exploit Title: Comodo Chromodo Browser Unquoted Service Path Privilege Escalation Date: 03/10/2016 Author: Yunus YILDIRIM @Th3GundY Team: CT-Zer0 @CRYPTTECH Website: http://yildirimyunus.com Contact: [email protected] Category: local Vendor Homepage: https://www.comodo.com Software Lin...

Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation

Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation Exploit Title: Comodo Chromodo Browser Unquoted Service Path Privilege Escalation Date: 03/10/2016 Author: Yunus YILDIRIM @Th3GundY Team: CT-Zer0 @CRYPTTECH Website: http://yildirimyunus.com Contact: [email protected]...

Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation

Exploit Title: Comodo Chromodo Browser Unquoted Service Path Privilege Escalation Date: 03/10/2016 Author: Yunus YILDIRIM @Th3GundY Team: CT-Zer0 @CRYPTTECH Website: http://yildirimyunus.com Contact: [email protected] Category: local Vendor Homepage: https://www.comodo.com Software Lin...

Comodo Chromodo Homologation Policy Security Bypass Vulnerability

Comodo Chromodo is a Chromium-based browser product. Comodo Chromodo suffers from a same-origin policy security bypass vulnerability that could be exploited by an attacker to bypass access restrictions, obtain sensitive data, or execute arbitrary code in the browser context to steal sensitive...

Tavis Ormandy Discloses Comodo GeekBuddy VNC Server

Just when you thought it was safe to dive back into the Comodo waters, Google researcher Tavis Ormandy has surfaced with more trouble. Publicly disclosed yesterday on the Google Project Zero site, Ormandy said that a tech support application called GeekBuddy installed with Comodo Internet Securit...

Comodo Chromodo Browsers Vulnerable to Cross-Domain Attacks

Some Comodo Chromodo browser versions 45.8.12.392, 45.8.12.391, and possibly earlier are vulnerable to cross-domain attacks. When a user of a vulnerable Chromodo browser visits a specially crafted web page, an attacker may obtain access to web content from another domain. US-CERT recommends users...

Comodo Chromodo browser with Ad Sanitizer does not enforce same origin policy and is based on an outdated version of Chromium

Overview Comodo Chromodo browser, version 45.8.12.391, and possibly earlier, bundles the Ad Sanitizer extension, version 1.4.0.26, which disables the same origin policy, allowing for the possibility of cross-domain attacks by malicious or compromised web hosts. Chromodo is based on an outdated...

Comodo Chromodo Browser Disables Same-Origin Policy

Google researcher Tavis Ormandy has disclosed that the Chromodo browser installed with Comodo Internet Security disables the same-origin policy by default. The same-origin policy is a fundamental tenet of web security, ensuring that scripts access data from a second webpage only if the two pages...

Comodo's so-called 'Secure Internet Browser' Comes with Disabled Security Features

Beware Comodo Users! Have you Safeguarded your PC with a Comodo Antivirus? Then you need to inspect your system for privacy and security concerns. First of all, make sure whether your default browser had been changed to "Chromodo" -- a free browser offered by Comodo Antivirus. If your head nod is...