CVE-2016-20088

Comodo Chromodo Browser 52.15.25.664 contains an unquoted service path vulnerability in the ChromodoUpdater service that runs with SYSTEM privileges. A local attacker can insert a malicious executable in the service path and execute arbitrary code with elevated privileges upon service restart or...

Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits Exploit Title: Comodo Chromodo Browser Unquoted Service Path Privilege Escalation Date: 03/10/2016 Author: Yunus YILDIRIM @Th3GundY Team: CT-Zer0 @CRYPTTECH Website: http://yildirimyunus.com Contact: email protected Category: local Vendor...

Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation

Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation Exploit Title: Comodo Chromodo Browser Unquoted Service Path Privilege Escalation Date: 03/10/2016 Author: Yunus YILDIRIM @Th3GundY Team: CT-Zer0 @CRYPTTECH Website: http://yildirimyunus.com Contact: [email protected]...

Comodo Chromodo Browser Privilege Escalation

Exploit Title: Comodo Chromodo Browser Unquoted Service Path Privilege Escalation Date: 03/10/2016 Author: Yunus YILDIRIM @Th3GundY Team: CT-Zer0 @CRYPTTECH Website: http://yildirimyunus.com Contact: [email protected] Category: local Vendor Homepage: https://www.comodo.com Software Lin...

Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation

Exploit Title: Comodo Chromodo Browser Unquoted Service Path Privilege Escalation Date: 03/10/2016 Author: Yunus YILDIRIM @Th3GundY Team: CT-Zer0 @CRYPTTECH Website: http://yildirimyunus.com Contact: [email protected] Category: local Vendor Homepage: https://www.comodo.com Software Lin...

Comodo Chromodo Homologation Policy Security Bypass Vulnerability

Comodo Chromodo is a Chromium-based browser product. Comodo Chromodo suffers from a same-origin policy security bypass vulnerability that could be exploited by an attacker to bypass access restrictions, obtain sensitive data, or execute arbitrary code in the browser context to steal sensitive...

Comodo Chromodo browser with Ad Sanitizer does not enforce same origin policy and is based on an outdated version of Chromium

Overview Comodo Chromodo browser, version 45.8.12.391, and possibly earlier, bundles the Ad Sanitizer extension, version 1.4.0.26, which disables the same origin policy, allowing for the possibility of cross-domain attacks by malicious or compromised web hosts. Chromodo is based on an outdated...

Comodo Chromodo Browsers Vulnerable to Cross-Domain Attacks

Some Comodo Chromodo browser versions 45.8.12.392, 45.8.12.391, and possibly earlier are vulnerable to cross-domain attacks. When a user of a vulnerable Chromodo browser visits a specially crafted web page, an attacker may obtain access to web content from another domain. US-CERT recommends users...