Comodo Antivirus
Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:comodo_antivirus:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Comodo Antivirus (c092c470-73ea-5256-8644-27d4250772da) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2019-3973 |
vulnerable | 2026-06-08 05:13:56.575971 |
Details available
Comodo Antivirus versions 11.0.0.6582 and below are vulnerable to Denial of Service affecting CmdGuard.sys via its filter port "cmdServicePort". A low privileged process can crash CmdVirth.exe to decrease the port's connection count followed by process hollowing a CmdVirth.exe instance with malicious code to obtain a handle to "cmdServicePort". Once this occurs, a specially crafted message can be sent to "cmdServicePort" using "FilterSendMessage" API. This can trigger an out-of-bounds write if lpOutBuffer parameter in FilterSendMessage API is near the end of specified buffer bounds. The crash occurs when the driver performs a memset operation which uses a size beyond the size of buffer specified, causing kernel crash.
Published: 2019-07-17T20:41:32.000Z
Updated: 2024-08-04T19:26:27.704Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-3972 |
vulnerable | 2026-06-08 05:13:56.575495 |
Details available
Comodo Antivirus versions 12.0.0.6810 and below are vulnerable to Denial of Service affecting CmdAgent.exe via an unprotected section object "<GUID>_CisSharedMemBuff". This section object is exposed by CmdAgent and contains a SharedMemoryDictionary object, which allows a low privileged process to modify the object data causing CmdAgent.exe to crash.
Published: 2019-07-17T20:40:37.000Z
Updated: 2024-08-04T19:26:27.643Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-3971 |
vulnerable | 2026-06-08 05:13:56.575070 |
Details available
Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to a local Denial of Service affecting CmdVirth.exe via its LPC port "cmdvrtLPCServerPort". A low privileged local process can connect to this port and send an LPC_DATAGRAM, which triggers an Access Violation due to hardcoded NULLs used for Source parameter in a memcpy operation that is called for this handler. This results in CmdVirth.exe and its child svchost.exe instances to terminate.
Published: 2019-07-17T20:35:01.000Z
Updated: 2024-08-04T19:26:27.555Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-3970 |
vulnerable | 2026-06-08 05:13:56.574697 |
Details available
Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Cavwp.exe loads Comodo antivirus definition database in unsecured global section objects, allowing a local low privileged process to modify this data directly and change virus signatures.
Published: 2019-07-17T20:34:21.000Z
Updated: 2024-08-04T19:26:27.668Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.