Input validation error in Comodo Internet Security - CVE-2009-5125

 

Input validation error in Comodo Internet Security - CVE-2009-5125

Published: August 26, 2012 / Updated: August 11, 2020


Vulnerability identifier: #VU43665
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2009-5125
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Comodo Group
Affected software:
Comodo Internet Security

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

Comodo Internet Security before 3.9.95478.509 allows remote attackers to bypass malware detection in an RAR archive via an unspecified manipulation of the archive file format.


How to mitigate CVE-2009-5125

Install update from vendor's website.

Sources