Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2009-5125 |
CWE-ID | CWE-20 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Comodo Internet Security Client/Desktop applications / Antivirus software/Personal firewalls |
Vendor | Comodo Group |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU43665
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-5125
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
Comodo Internet Security before 3.9.95478.509 allows remote attackers to bypass malware detection in an RAR archive via an unspecified manipulation of the archive file format.
MitigationInstall update from vendor's website.
Vulnerable software versionsComodo Internet Security: 3.0.14.276 - 3.8.64739.471
External linkshttp://blog.zoller.lu/2009/04/comodo-antivirus-evasionbypass.html
http://personalfirewall.comodo.com/release_notes.html
http://www.securityfocus.com/archive/1/503018
http://www.securityfocus.com/bid/34737
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.