Lucene search
K

790 matches found

Cvelist
Cvelist
added 2008/01/29 7:0 p.m.20 views

CVE-2008-0470

A certain ActiveX control in Comodo AntiVirus 2.0 allows remote attackers to execute arbitrary commands via the ExecuteStr method...

7.6AI score0.30854EPSS
Exploits1References3
CVE
CVE
added 2008/01/29 7:0 p.m.47 views

CVE-2008-0470

CVE-2008-0470 involves a vulnerability in Comodo Antivirus 2.0 where a specific ActiveX control allows remote attackers to execute arbitrary commands through the ExecuteStr method. The connected documents confirm the affected product and the root cause (ActiveX control enabling remote command exe...

9.3CVSS7.6AI score0.30854EPSS
Exploits1References3Affected Software2
seebug.org
seebug.org
added 2008/01/25 12:0 a.m.16 views

Comodo AntiVirus 'ExecuteStr()' ActiveX控件缓冲区溢出漏

Comodo AntiVirus是一款反病毒应用程序。 Comodo AntiVirus包含的ActiveX控件存在缓冲区溢出问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 问题是控件对ExecuteStr方法的参数缺少正确边界处理,构建恶意的WEB页,诱使用户打开,可导致以应用程序进程权限执行任意指令. Comodo AntiVirus 2.0 厂商解决方案 目前没有详细解决方案提供: http://www.personalfirewall.comodo.com/...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/01/25 12:0 a.m.15 views

Comodo AntiVirus 2.0 ExecuteStr() Remote Command Execution Exploit

No description provided by source. !-- Comodo AntiVirus 2.0 ExecuteStr 0day Remote Command Execution Exploit Bug discovered by Krystian Kloskowski h07 [email protected] Tested on:.. - Comodo AntiVirus Beta 2.0 - Microsoft Internet Explorer 6 Just for fun ; -- html object id="obj"...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/01/24 12:0 a.m.18 views

comodo-exec.txt

Tested on:.. - Comodo AntiVirus Beta 2.0 - Microsoft Internet Explorer 6 Just for fun ; -- obj.ExecuteStr'cmd.exe', '/C echo "hello world" && pause';...

Exploits0
exploitpack
exploitpack
added 2008/01/23 12:0 a.m.10 views

Comodo AntiVirus 2.0 - ExecuteStr() Remote Command Execution

Comodo AntiVirus 2.0 - ExecuteStr Remote Command Execution Tested on:.. - Comodo AntiVirus Beta 2.0 - Microsoft Internet Explorer 6 Just for fun ; -- obj.ExecuteStr'cmd.exe', '/C echo "hello world" && pause'; milw0rm.com 2008-01-23...

1.5AI score
Exploits0
Exploit DB
Exploit DB
added 2008/01/23 12:0 a.m.34 views

Comodo AntiVirus 2.0 - 'ExecuteStr()' Remote Command Execution

Tested on:.. - Comodo AntiVirus Beta 2.0 - Microsoft Internet Explorer 6 Just for fun ; -- obj.ExecuteStr'cmd.exe', '/C echo "hello world" && pause'; milw0rm.com 2008-01-23...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/01/23 12:0 a.m.19 views

Comodo AntiVirus 2.0 ExecuteStr() Remote Command Execution Exploit

Exploit for unknown platform in category remote exploits ================================================================== Comodo AntiVirus 2.0 ExecuteStr Remote Command Execution Exploit ================================================================== Tested on:.. - Comodo AntiVirus Beta 2.0 ...

7.1AI score
Exploits0
NVD
NVD
added 2007/05/16 10:30 p.m.12 views

CVE-2007-2729

Comodo Firewall Pro 2.4.18.184 and Comodo Personal Firewall 2.3.6.81, and probably older Comodo Firewall versions, do not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these...

7.2CVSS6.5AI score0.00321EPSS
Exploits0References4
Prion
Prion
added 2007/05/16 10:30 p.m.11 views

Design/Logic Flaw

Comodo Firewall Pro 2.4.18.184 and Comodo Personal Firewall 2.3.6.81, and probably older Comodo Firewall versions, do not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these...

7.2CVSS7AI score0.00321EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2007/05/16 10:0 p.m.55 views

CVE-2007-2729

CVE-2007-2729 affects Comodo Firewall Pro 2.4.18.184 and Comodo Personal Firewall 2.3.6.81 (and likely older Comodo firewall versions). The issue arises from improper testing of equivalence of process identifiers for certain Windows API functions in the NT kernel (version 5.0 and greater). This a...

7.2CVSS6.5AI score0.00321EPSS
Exploits0References4Affected Software2
Cvelist
Cvelist
added 2007/05/16 10:0 p.m.16 views

CVE-2007-2729

Comodo Firewall Pro 2.4.18.184 and Comodo Personal Firewall 2.3.6.81, and probably older Comodo Firewall versions, do not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these...

6.5AI score0.00321EPSS
Exploits0References4
seebug.org
seebug.org
added 2007/05/16 12:0 a.m.42 views

ZoneAlarm及Comodo防火墙本地绕过保护机制漏洞

ZoneAlarm和Comodo都是非常流行的个人防火墙。 ZoneAlarm及Comodo防火墙在检测管理进程的实现上存在漏洞,本地攻击者可能利用此漏洞绕过检测。...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/05/16 12:0 a.m.75 views

Bypassing PFW/HIPS open process control with uncommon identifier

Hello, We would like to inform you about a vulnerability in personal firewalls and HIPS software. Description: Windows operating systems with NT kernel version 5.0 and higher i.e. Windows 2000, XP, 2003 use integer numbers divisible by four to identify processes. Internal implementation of system...

1.3AI score
Exploits0
exploitpack
exploitpack
added 2007/05/15 12:0 a.m.12 views

Multiple Personal Firewall Products - Local Protection Mechanism Bypass

Multiple Personal Firewall Products - Local Protection Mechanism Bypass source: https://www.securityfocus.com/bid/23987/info Multiple personal firewall products are prone to a vulnerability that lets attackers bypass protection mechanisms. This issue occurs because the applications fail to proper...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2007/05/15 12:0 a.m.22 views

Multiple Personal Firewall Products - Local Protection Mechanism Bypass

source: https://www.securityfocus.com/bid/23987/info Multiple personal firewall products are prone to a vulnerability that lets attackers bypass protection mechanisms. This issue occurs because the applications fail to properly implement protection mechanisms based on valid process identifiers...

7AI score
Exploits0
NVD
NVD
added 2007/03/07 9:19 p.m.23 views

CVE-2007-1330

Comodo Firewall Pro CFP formerly Comodo Personal Firewall 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\SYSTEM\Software\Comodo\Personal Firewall registry key by guessing the name of a named pipe under \Device\NamedPipe\OLE and attempting to open it multiple...

4.4CVSS6.2AI score0.00692EPSS
Exploits0References6
Prion
Prion
added 2007/03/07 9:19 p.m.26 views

Open redirect

Comodo Firewall Pro CFP formerly Comodo Personal Firewall 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\SYSTEM\Software\Comodo\Personal Firewall registry key by guessing the name of a named pipe under \Device\NamedPipe\OLE and attempting to open it multiple...

4.4CVSS6.8AI score0.00692EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2007/03/07 9:0 p.m.25 views

CVE-2007-1330

Comodo Firewall Pro CFP formerly Comodo Personal Firewall 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\SYSTEM\Software\Comodo\Personal Firewall registry key by guessing the name of a named pipe under \Device\NamedPipe\OLE and attempting to open it multiple...

6.2AI score0.00692EPSS
Exploits0References6
CVE
CVE
added 2007/03/07 9:0 p.m.45 views

CVE-2007-1330

CVE-2007-1330 affects Comodo Firewall Pro (CFP) versions 2.4.18.184 and earlier. The issue is a local privilege bypass in which an attacker can bypass driver protections for the registry key HKLM\SYSTEM\Software\Comodo\Personal Firewall by guessing the name of a Named Pipe under \Device\NamedPipe...

4.4CVSS6.3AI score0.00692EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder