790 matches found
Comodo - LZMA Decoder Heap Overflow via Insufficient Parameter Checks
Comodo - LZMA Decoder Heap Overflow via Insufficient Parameter Checks Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=763 The LZMA specification says the following about the memory usage of decompression: "The size of the probability model counter arrays is calculated with the...
Comodo AntiVirus - Heap Overflow in LZX Decompression
Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=737 LzxDecoder::init initializes the vector LzxDecoder-window to a fixed size of 2^method bytes, which is then used during LzxDecoder::Extract. It's possible for LZX compressed...
Comodo AntiVirus - Forwards Emulated API Calls to the Real API During Scans
Exploit for windows platform in category remote exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=769 Comodo Antivirus includes a x86 emulator that is used to unpack and monitor obfuscated executables, this is common practice among antivirus products. The idea is that...
Comodo AntiVirus - Heap Overflow in LZX Decompression
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=737 LzxDecoder::init initializes the vector LzxDecoder-window to a fixed size of 2^method bytes, which is then used during LzxDecoder::Extract. It's possible for LZX compressed streams to exceed this size. Writes to the window buff...
Comodo - Integer Overflow Leading to Heap Overflow in Win32 Emulation
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=738 A major component of Comodo Antivirus is the x86 emulator, which includes a number of shims for win32 API routines so that common API calls work in emulated programs CreateFile, LoadLibrary, etc. The emulator itself is located ...
Comodo - Integer Overlow Leading to Heap Overflow Parsing Composite Documents
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=762 In COleMemFile::LoadDiFatList, values from the header are used to parse the document FAT. If header.csectDif is very high, the calculation overflows and a very small buffer is allocated. The document FAT is then memcpy'd onto t...
Comodo - PackMan Unpacker Insufficient Parameter Validation
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=764 Packman is an obscure opensource executable packer that Comodo Antivirus attempts to unpack during scanning. The code is available online here: http://packmanpacker.sourceforge.net/ If the compression method is set to algorithm...
Comodo - LZMA Decoder Heap Overflow via Insufficient Parameter Checks
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=763 The LZMA specification says the following about the memory usage of decompression: "The size of the probability model counter arrays is calculated with the following formula: sizeofprobarrays = 1846 + 768 1 r rax=00000000000004...
Comodo GeekBuddy Local Elevation of Privilege Vulnerability
Comodo GeekBuddy is an online computer support system from Comodo USA. Comodo GeekBuddy suffers from a local elevation of privilege vulnerability. A local attacker could use this vulnerability to gain elevated privileges and bypass the sandbox...
Comodo Anti-Virus - SHFolder.dll Local Privilege Escalation
Comodo Anti-Virus - SHFolder.dll Local Privilege Escalation ...... ,;''''''''''''''''';, .;''''''''''''''''''''''''''', :''''''''+';:,..,:;'''''''''': ,;'''''';,. ,;'''''';: :'''''',. ,'''''';. ;+''+': ,; ,''''';. ;'''';. .:;' . ;'''''. :+'''; ,:+'' ';;',''; :''''; .''''; ,';' '':' ';,''',' :'''...
Comodo Anti-Virus - SHFolder.dll Local Privilege Elevation Exploit
Exploit for windows platform in category local exploits SHFolder.DLL Local Privilege Elevation Exploit for Comodo Anti-Virus GeekBuddy Component by @LaughingMantis Greg Linares Since it took 146 days to fix a DLL Hijack issue I decided to drop this PoC: Technical Geeky Stuff GeekBuddy stores...
Comodo Anti-Virus GeekBuddy DLL Hijacking
...... ,;''''''''''''''''';, .;''''''''''''''''''''''''''', :''''''''+';:,..,:;'''''''''': ,;'''''';,. ,;'''''';: :'''''',. ,'''''';. ;+''+': ,; ,''''';. ;'''';. .:;' . ;'''''. :+'''; ,:+'' ';;',''; :''''; .''''; ,';' '':' ';,''',' :''' .'' :'''', ;'''' ;'' :+. ;';, ';:' '''',;:+ '', ;'''' .''''...
Comodo Anti-Virus - 'SHFolder.dll' Local Privilege Escalation
...... ,;''''''''''''''''';, .;''''''''''''''''''''''''''', :''''''''+';:,..,:;'''''''''': ,;'''''';,. ,;'''''';: :'''''',. ,'''''';. ;+''+': ,; ,''''';. ;'''';. .:;' . ;'''''. :+'''; ,:+'' ';;',''; :''''; .''''; ,';' '':' ';,''',' :''' .'' :'''', ;'''' ;'' :+. ;';, ';:' '''',;:+ '', ;'''' .''''...
Comodo Chromodo Homologation Policy Security Bypass Vulnerability
Comodo Chromodo is a Chromium-based browser product. Comodo Chromodo suffers from a same-origin policy security bypass vulnerability that could be exploited by an attacker to bypass access restrictions, obtain sensitive data, or execute arbitrary code in the browser context to steal sensitive...
Tavis Ormandy Discloses Comodo GeekBuddy VNC Server
Just when you thought it was safe to dive back into the Comodo waters, Google researcher Tavis Ormandy has surfaced with more trouble. Publicly disclosed yesterday on the Google Project Zero site, Ormandy said that a tech support application called GeekBuddy installed with Comodo Internet Securit...
COMODO Cross Site Scripting
Exploit Title: COMODO Subdomain XSS Vulnerability Google Dork: N/A Date: 2016/2/3 Exploit Author: RootByte Vendor Homepage: http://personalfirewall.comodo.com/ Software Link: N/A Version: N/A Tested on: Windows 10 / FireFox 44.0 CVE : N/A about Wikipedia: COMODO is a privately held group of...
Comodo Chromodo Browsers Vulnerable to Cross-Domain Attacks
Some Comodo Chromodo browser versions 45.8.12.392, 45.8.12.391, and possibly earlier are vulnerable to cross-domain attacks. When a user of a vulnerable Chromodo browser visits a specially crafted web page, an attacker may obtain access to web content from another domain. US-CERT recommends users...
Comodo Chromodo browser with Ad Sanitizer does not enforce same origin policy and is based on an outdated version of Chromium
Overview Comodo Chromodo browser, version 45.8.12.391, and possibly earlier, bundles the Ad Sanitizer extension, version 1.4.0.26, which disables the same origin policy, allowing for the possibility of cross-domain attacks by malicious or compromised web hosts. Chromodo is based on an outdated...
Comodo Chromodo Browser Disables Same-Origin Policy
Google researcher Tavis Ormandy has disclosed that the Chromodo browser installed with Comodo Internet Security disables the same-origin policy by default. The same-origin policy is a fundamental tenet of web security, ensuring that scripts access data from a second webpage only if the two pages...
Comodo's so-called 'Secure Internet Browser' Comes with Disabled Security Features
Beware Comodo Users! Have you Safeguarded your PC with a Comodo Antivirus? Then you need to inspect your system for privacy and security concerns. First of all, make sure whether your default browser had been changed to "Chromodo" -- a free browser offered by Comodo Antivirus. If your head nod is...