8 matches found
CVE-2019-14694
CVE-2019-14694 describes a use-after-free in the sandbox container of Comodo Antivirus 12.0.0.6870, triggered by a race condition in the minifilter handling IRP_MJ_CLEANUP for directory change notifications. The flaw in cmdguard.sys could allow a local attacker to cause a denial of service (BSOD)...
CVE-2022-34008
CVE-2022-34008 concerns Comodo Antivirus 12.2.2.8012. The vulnerability enables privilege escalation by a low-privileged user who uses an NTFS directory junction to restore a malicious DLL from quarantine into the System32 folder. Public sources classify exploitability as local with low complexit...
CVE-2019-14270
CVE-2019-14270 affects Comodo Antivirus, Comodo Firewall, and Comodo Internet Security Premium up to version 12.0.0.6870, which use the Comodo Container feature and are vulnerable to a Sandbox Escape. Connected documents confirm the affected products and the sandbox-escape vector, but do not prov...
CVE-2019-3969
CVE-2019-3969 – Comodo Antivirus Local Privilege Escalation : Affected product: Comodo Antivirus versions up to 12.0.0.6810. Root cause: CmdAgent’s handling of COM clients allows a local process to bypass CmdAgent’s signature check via process hollowing, enabling invocation of sensitive COM metho...
CVE-2019-3970
CVE-2019-3970 affects Comodo Antivirus up to 12.0.0.6810. The vulnerability arises from Cavwp.exe loading the antivirus definition database into unsecured global section objects, enabling a local, low-privileged process to modify the in-memory data and alter virus signatures. Impact described in ...
CVE-2019-3971
CVE-2019-3971 affects Comodo Antivirus up to version 12.0.0.6810. It is a local Denial of Service affecting CmdVirth.exe via the LPC port cmdvrtLPCServerPort. A low-privilege local process can connect and send an LPC_DATAGRAM, triggering an Access Violation due to hardcoded NULLs used as the Sour...
CVE-2019-3972
CVE-2019-3972 affects Comodo Antivirus CmdAgent.exe (versions ≤ 12.0.0.6810). The root cause is an unprotected Global_CisSharedMemBuff section object that contains a SharedMemoryDictionary; a low-privileged process can modify the object data, resulting in an out-of-bounds read and a crash of CmdA...
CVE-2019-3973
CVE-2019-3973 affects Comodo Antivirus 11.0.0.6582 and earlier. The issue resides in Cmdguard.sys handling of the filter port cmdServicePort. A low-privilege process can force CmdVirth.exe to crash, reduce the port’s connection count, then hollow (process hollowing) CmdVirth.exe to obtain a handl...