Internet Security Pro
Approved changes feed: RSS · Atom
cpe:2.3:a:comodo:internet_security_pro:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Comodo (ae0f5a94-22c5-54dd-8ff5-a3476482174a) |
|---|---|
| Product | Internet Security Pro (d3ddc128-0c2c-58fd-96f8-9f9174bbfa89) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-7252 |
vulnerable | 2026-06-03 14:58:05.366598 |
Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability
HIGH (7.8)
Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the cmdagent executable. By creating a symbolic link, an attacker can abuse the agent to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22831.
Published: 2024-07-29T21:18:26.806Z
Updated: 2024-08-01T21:52:31.268Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-7251 |
vulnerable | 2026-06-03 14:58:05.366180 |
Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability
HIGH (7.8)
Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the cmdagent executable. By creating a symbolic link, an attacker can abuse the agent to create a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22832.
Published: 2024-07-29T21:18:22.094Z
Updated: 2024-08-01T21:52:31.008Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-7250 |
vulnerable | 2026-06-03 14:58:05.365662 |
Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability
HIGH (7.8)
Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the cmdagent executable. By creating a symbolic link, an attacker can abuse the agent to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22829.
Published: 2024-07-29T21:18:17.745Z
Updated: 2024-08-01T21:52:31.284Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-7248 |
vulnerable | 2026-06-03 14:58:05.361616 |
Comodo Internet Security Pro Directory Traversal Local Privilege Escalation Vulnerability
HIGH (7.8)
Comodo Internet Security Pro Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the update mechanism. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-19055.
Published: 2024-07-29T21:18:08.928Z
Updated: 2024-08-01T21:52:31.474Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.