Input validation error in Comodo Internet Security - CVE-2010-5185
Published: August 26, 2012 / Updated: August 11, 2020
Vulnerability identifier: #VU43668
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2010-5185
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Comodo Group
Affected software:
Comodo Internet Security
Comodo Internet Security
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
The Antivirus component in Comodo Internet Security before 5.3.174622.1216 does not check whether X.509 certificates in signed executable files have been revoked, which has unknown impact and remote attack vectors.
How to mitigate CVE-2010-5185
Install update from vendor's website.