Antivirus Security Vulnerabilities and Issues — Antivirus CVE List

Lucene search

ComodoAntivirus

8 matches found

CVE•added 2019/08/28 8:15 p.m.•58 views

CVE-2019-14694

A use-after-free flaw in the sandbox container implemented in cmdguard.sys in Comodo Antivirus 12.0.0.6870 can be triggered due to a race condition when handling IRP_MJ_CLEANUP requests in the minifilter for directory change notifications. This allows an attacker to cause a denial of service (BSOD)...

4.7CVSS4.8AI score0.00044EPSS

CVE•added 2022/06/21 3:15 p.m.•53 views

CVE-2022-34008

Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. To escalate privilege, a low-privileged attacker can use an NTFS directory junction to restore a malicious DLL from quarantine into the System32 folder.

7.8CVSS7.7AI score0.00069EPSS

CVE•added 2019/07/17 9:15 p.m.•39 views

CVE-2019-3970

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Cavwp.exe loads Comodo antivirus definition database in unsecured global section objects, allowing a local low privileged process to modify this data directly...

5.5CVSS6.1AI score0.00048EPSS

CVE•added 2019/07/17 9:15 p.m.•39 views

CVE-2019-3971

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to a local Denial of Service affecting CmdVirth.exe via its LPC port "cmdvrtLPCServerPort". A low privileged local process can connect to this port and send an LPC_DATAGRAM, which triggers an Access Violation due to hardcoded NULLs used for...

5.5CVSS6AI score0.00048EPSS

CVE•added 2019/07/17 9:15 p.m.•39 views

CVE-2019-3972

Comodo Antivirus versions 12.0.0.6810 and below are vulnerable to Denial of Service affecting CmdAgent.exe via an unprotected section object "_CisSharedMemBuff". This section object is exposed by CmdAgent and contains a SharedMemoryDictionary object, which allows a low privileged process to modify ...

5.5CVSS6.1AI score0.00054EPSS

CVE•added 2019/07/17 9:15 p.m.•37 views

CVE-2019-3969

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Local Privilege Escalation due to CmdAgent's handling of COM clients. A local process can bypass the signature check enforced by CmdAgent via process hollowing which can then allow the process to invoke sensitive COM methods in CmdAgent ...

7.8CVSS7.5AI score0.00064EPSS

CVE•added 2019/07/17 9:15 p.m.•36 views

CVE-2019-3973

Comodo Antivirus versions 11.0.0.6582 and below are vulnerable to Denial of Service affecting CmdGuard.sys via its filter port "cmdServicePort". A low privileged process can crash CmdVirth.exe to decrease the port's connection count followed by process hollowing a CmdVirth.exe instance with malicio...

5.5CVSS5.8AI score0.00049EPSS

CVE•added 2019/07/25 5:15 p.m.•34 views

CVE-2019-14270

Comodo Antivirus through 12.0.0.6870, Comodo Firewall through 12.0.0.6870, and Comodo Internet Security Premium through 12.0.0.6870, with the Comodo Container feature, are vulnerable to Sandbox Escape.

7.1CVSS6.9AI score0.00056EPSS